Enable sharing snapshots with multiple accounts

README.md

@@ -31,7 +31,7 @@ Here is a break down of each parameter for the source template:
 * **BackupInterval** - how many hours between backup
 * **BackupSchedule** - at what times and how often to run backups. Set in accordance with **BackupInterval**. For example, set **BackupInterval** to 8 hours and **BackupSchedule** 0 0,8,16 * * ? * if you want backups to run at 0, 8 and 16 UTC. If your backups run more often than **BackupInterval**, snapshots will only be created when the latest snapshot is older than **BackupInterval**. If you set BackupInterval to more than once a day, make sure to adjust BackupSchedule accordingly or backups will only be taken at the times specified in the CRON expression.
 * **InstanceNamePattern** - set to the names of the instances you want this tool to back up. You can use a Python regex that will be searched in the instance identifier. For example, if your instances are named *prod-01*, *prod-02*, etc, you can set **InstanceNamePattern** to *prod*. The string you specify will be searched anywhere in the name unless you use an anchor such as ^ or $. In most cases, a simple name like "prod" or "dev" will suffice. More information on Python regular expressions here: https://docs.python.org/2/howto/regex.html
-* **DestinationAccount** - the account where you want snapshots to be copied to
+* **DestinationAccounts** - a string of comma-delimited account IDs to which you want snapshots copied
 * **LogLevel** - The log level you want as output to the Lambda functions. ERROR is usually enough. You can increase to INFO or DEBUG.
 * **RetentionDays** - the amount of days you want your snapshots to be kept. Snapshots created more than **RetentionDays** ago will be automatically deleted (only if they contain a tag with Key: CreatedBy, Value: Snapshot Tool for RDS)
 * **ShareSnapshots** - Set to TRUE if you are sharing snapshots with a different account. If you set to FALSE, StateMachine, Lambda functions and associated Cloudwatch Alarms related to sharing across accounts will not be created. It is useful if you only want to take backups and manage the retention, but do not need to copy them across accounts or regions.

cftemplates/snapshots_tool_rds_source.json

@@ -16,10 +16,10 @@
 			"Default": "24",
 			"Description": "Interval for backups in hours. Default is 24"
 		},
-		"DestinationAccount": {
-			"Type": "Number",
+		"DestinationAccounts": {
+			"Type": "String",
 			"Default": "000000000000",
-			"Description": "Destination account with no dashes."
+			"Description": "Destination accounts with no dashes. Comma delimited"
 		},
 		"ShareSnapshots": {
 			"Type": "String",
@@ -370,11 +370,11 @@
 					"S3Key": "share_snapshots_rds.zip"
 				},
 				"MemorySize" : 512,
-				"Description": "This function shares snapshots created by the take_snapshots_rds function with DEST_ACCOUNT specified in the environment variables. ",
+				"Description": "This function shares snapshots created by the take_snapshots_rds function with DEST_ACCOUNTS specified in the environment variables. ",
 				"Environment": {
 					"Variables": {
-						"DEST_ACCOUNT": {
-							"Ref": "DestinationAccount"
+						"DEST_ACCOUNTS": {
+							"Ref": "DestinationAccounts"
 						},
 						"LOG_LEVEL": {
 							"Ref": "LogLevel"
@@ -525,7 +525,7 @@
 				"DefinitionString": {
 					"Fn::Join": ["", [{
 							"Fn::Join": ["\n", [
-								" {\"Comment\":\"Shares snapshots with DEST_ACCOUNT\",",
+								" {\"Comment\":\"Shares snapshots with DEST_ACCOUNTS\",",
 								" \"StartAt\":\"ShareSnapshots\",",
 								" \"States\":{",
 								"   \"ShareSnapshots\":{",

lambda/share_snapshots_rds/lambda_function.py

@@ -22,7 +22,7 @@
 
 # Initialize from environment variable
 LOGLEVEL = os.getenv('LOG_LEVEL', 'ERROR').strip()
-DEST_ACCOUNTID = str(os.getenv('DEST_ACCOUNT')).strip()
+DEST_ACCOUNTID_LIST = str(os.getenv('DEST_ACCOUNTS')).strip().split(',')
 PATTERN = os.getenv('PATTERN', 'ALL_INSTANCES')
 
 if os.getenv('REGION_OVERRIDE', 'NO') != 'NO':
@@ -55,9 +55,7 @@ def lambda_handler(event, context):
                 response_modify = client.modify_db_snapshot_attribute(
                     DBSnapshotIdentifier=snapshot_identifier,
                     AttributeName='restore',
-                    ValuesToAdd=[
-                        DEST_ACCOUNTID
-                    ]
+                    ValuesToAdd=DEST_ACCOUNTID_LIST
                 )
             except Exception as e:
                 logger.error('Exception sharing %s (%s)' % (snapshot_identifier, e))