In this section of the AWS Certified: SAP on AWS Specialty learning path, we introduce you to the various Storage services currently available in AWS that are relevant to the PAS-C01 exam.
Learning Objectives
- Identify and describe the various Storage services available in AWS
- Understand how AWS Storage services can assist with large-scale data storage, migration, and transfer both into and out of AWS
- Describe hybrid cloud storage services and on-premises data backup solutions using AWS Storage services
- Identify storage options for SAP workloads on AWS
Prerequisites
The AWS Certified: SAP on AWS Specialty certification has been designed for anyone who has experience managing and operating SAP workloads. Ideally you’ll also have some exposure to the design and implementation of SAP workloads on AWS, including migrating these workloads from on-premises environments. Many exam questions will require a solutions architect level of knowledge for many AWS services, including AWS Storage services. All of the AWS Cloud concepts introduced in this course will be explained and reinforced from the ground up.
The snowcone and the snowball are similar in their size and construction with regards to the casing compared to that of the snowmobile which is in a class of its own, I mean it comes on a Truck!
So let me talk about the Snowcone and Snowball for a moment. These two hardware appliances share some key features between them that I want to highlight.
When transferring data to these devices it is automatically encrypted to protect the data. This encryption is backed by keys generated by the Key Management Service (KMS). To enhance the security of the device, the encryption keys are not stored on the device during transit. If you would like to learn more about the Key Management Service, then you can see our existing course here.
Following on from encryption, another security feature that these devices have in common is that their enclosure is Anti-tamper in addition to specific verification checks on the boot environment when the device is first switched on. These measurements and checks help to validate the integrity of the data to ensure that it has not been interfered with at all during transit.
In addition to their enclosure being secure by design, it is also highly rugged and able to withstand the harshest of environments, for example, the snowcone can operate in conditions of -32ºC/-25.6ºF to 63ºC/145.4ºF. It’s all windproof, dustproof and water-resistant! The enclosures are designed to withstand operational vibrations and shockproof should you drop the device.
Each of the snow devices uses an E Ink shipping label which is pre-loaded with the delivery details entered on the associated job. When the snow device leaves AWS premises it can be tracked via SNS, text messaging and the AWS Management Console. When the device is prepared to be returned to AWS premises, the E Ink automatically updates with the appropriate location
As these devices are packed full of data, it’s essential that the data is deleted once the transfer has been completed and the snow device is no longer required. As a result, AWS carries out a secure erase which meets the National Institute of Standards and Technology, more commonly known as NIST for the sanitization of the media and storage.
Before I finish this lecture I just want to point out a couple of features related to the snowmobile.
Each snowmobile is sent with a connector rack allowing you to connect it to the backbone network of your own data center, as a result, this rack comes with up to 2 kilometers of network cabling.
The Snowmobile is designed to operate within ambient temperature up to 85F (29.4C). If the temperature exceeds this then an additional auxiliary chiller unit can be supplied by AWS following a site assessment survey. If there isn’t sufficient power to feed the snowmobile at the data center then AWS can also send a separate generator to power the snowmobile, however, this requires the same space required to home a snowmobile.
As with the Snowcone and snowball, the snowmobile also encrypts data backed by the Key Management Service. Also, the snowmobile is only ever operated by AWS personnel and can also be escorted by an additional security vehicle during the transit of the container to and from premises, in addition to having GPS tracking available. As added security, the container is also protected via 24/7 video surveillance systems and alarms.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.