Skip to main content
All CollectionsAWS WorkloadsAirgap Data Protection to CloudAirgap Data Protection of RDS Databases and Clusters
RDS Airgap Backup Architecture
RDS Airgap Backup Architecture
Updated over a month ago

❗ Important

This feature has limited availability. To know more about limited availability and sign up for this feature, contact Support.

The architecture and data flow across components within Druva’s Infrastructure and the customer’s environment is illustrated below:

Components within Druva and Customer infrastructure

  • API and JWT Authorizer: Provides the CRUD operations on thebackup policy to configure RDS databases and clusters for air-gapped backup.

  • Backup Transition Job: Generates a copy of RDS backups from the customer’s RDS account to Druva’s air gapped RDS account.

  • Backup Transition Schedule: The scheduler fetches information from the Backup Transition Queue and handles the creation of job messages sent for execution.

  • KMS Encryption Key: Snapshots that have been encrypted with AWS-managed KMS keys cannot be shared. Instead these will need to be encrypted with a customer managed key (CMK). This is required to copy an encrypted snapshot that has been shared from another AWS account. In these cases, you will need to have access to the KMS key that was used to encrypt the snapshot.

  • Customer IAM Role: The IAM access role that grants our data protection solution access to your AWS account using an IAM Access Role.

Related Articles
Introduction to RDS Airgap Data Protection
Back up RDS Databases
Back up RDS Clusters
Restore RDS Databases
Restore RDS Clusters
Did this answer your question?