AWS Storage Services
With an on-premises data backup solution within your data center, it’s critical for your business to have a disaster recovery plan built into your business continuity plans. You need to have a plan in place should a disaster occur that affects your operation of the business. The same is true when you start to leverage the cloud for its storage capabilities for your backed up data.
This course explains how cloud storage fits in with DR and the different considerations when preparing to design a solution to back up your on-premises data to AWS. It will explain how Amazon S3, AWS Snowball, and AWS Storage Gateway can all be used to help with the transfer and storage of your backup data.
You should not assume that just because you are backing data up to the cloud it will solve your every need, there are many points of consideration when planning a DR backup solution to the cloud, such as AWS. However, it does also open opportunities to you that may not have been possible with a standard on-premises backup solution. It’s these points of interest that many enterprises are focusing on to gain a significant advantage when it comes to disaster recovery.
AWS offers a number of different services available to help you architect the best solution for your needs. To allow you to set up the correct solution that works for you, you must first understand how each of these services can be of benefit to you.
To help you implement effective solutions, you must first have answers to the following:
- What is your RTO (Recovery Time Objective)?
- What is your RPO (Recovery Point Objective)?
- How quickly do you need to retrieve your data?
- How much data do you need to import/export?
- What durability is required for your data?
- How sensitive is your data?
- What security mechanisms are required to protect your data?
- Do you have any compliance controls that you need to abide by?
When you have answers to these questions, you will be able to start working towards an effective backup solution to create a cost-efficient, highly reliable, durable and secure data backup storage solution.
- Gain an understanding of how your storage solution can affect your business continuity and DR plans
- Obtain the knowledge to know when to use specific AWS storage solutions to your advantage between Amazon S3, Amazon Glacier, AWS Snowball, and AWS Storage Gateway
- Understand how each of these services can provide a DR solution to fit your specific needs
This course has been designed for:
- Engineers who need to manage and maintain AWS storage services
- Architects who are implementing effective data backup solutions from on-premise to AWS
- Business continuity management managers
- Anyone looking to prepare for the AWS Solutions Architect - Professional certification
As a prerequisite to this course you should have a basic understanding of the following:
- Business continuity
- Disaster recovery
- Data backup terms and methodologies
- Amazon S3
- Amazon EC2
- Elastic Block Store (EBS)
This course includes
If you have thoughts or suggestions for this course, please contact Cloud Academy at firstname.lastname@example.org.
Resources referenced within this lecture
Hello, and welcome to this lecture focusing on the AWS Snowball service. Essentially, this service is used to securely transfer large amounts of data and I'm talking up to petabyte scale here, in and out of AWS. Either from your on-premise data center to Amazon S3 or from Amazon S3 back to your data center using a physical appliance known as a snowball.
The snowball appliance comes as either a 50 terabyte or 80 terabyte storage device, depending on your region. Currently, the 50 terabyte version is only available within the U. S. regions. The appliance is dust, water, and tamper resistant and can even withstand a eight and a half G jolt from within it's own external shipping container.
And so it's been built to cope with a lot of stress conditions to ensure the durability of your data.
The snowball appliance has been designed to allow for high speed data transfer, thanks to a range of interfaces allowing you to select the most appropriate connection for your needs. Onboard the snowball appliance, the following I/O 10-gigabit interfaces are available, RJ45 using Cat6, SFP+ Copper and SFP+ Optical.
By default, all data transferred to the snowball appliance is automatically encrypted using 256-bit encryption keys generated from KMS, the key management service. Whilst on the topic of security, it also features end to end tracking using an E ink shipping label. This ensures that when the device leaves your premises, it is sent to the right AWS facility.
The appliance can also be tracked using the AWS Simple Notification Service with text messages or via the AWS Management Console.
From a compliance perspective, AWS Snowball is also HIPAA compliant allowing you to transfer protected health information in and out of S3.
When the transfer of data is complete via into S3 or into a customer's data center and the appliance is sent back to AWS. It is then the responsibility of AWS to ensure the data held in the Snowball Appliance is deleted and removed.
To control this process, AWS conforms to standards and guidelines set by NIST, the National Institute of Standard and Technology, to ensure this is performed and controlled and that all traces of data are removed from the media.
When sending or retrieving data, Snowball appliances can be aggregated together. For example, if you need to retrieve 400 terabytes of data from S3, then your data will be sent by five 80 terabyte Snowball appliances.
So from a disaster recovery perspective, when might you need to use AWS Snowball? Well, it all depends on how much data you need to get back from S3 to your own corporate data center and how quickly you can do that. On the other hand, how much data do you need to get into S3?
This'll depend on the connection you have to AWS from your data center. You may have direct connect connections, a VPN, or just an internet connection. And if you need to restore multiple petabytes of data, this could take weeks or even months to complete.
As a general rule, if your data retrieval will take longer than a week using your existing connection method, then you should consider using AWS Snowball.
Your global location will affect specific shipping times and so more information on this can be found using the link on the screen.
If you did decide to use AWS Snowball to retrieve your data in the event of a disaster, the process to use AWS Snowball is a fairly simple process. At a high level, this is how it looks.
- Firstly, you need to create an export job from within the AWS Management Console. Within this job, you can detect shipping details, the S3 bucket and the data to be exported, security mechanisms such as the KMS key for data encryption and also notifications.
- You will then receive delivery of your Snowball appliance.
- You can now connect the appliance to your local corporate network.
- Firstly, use the ports to connect the appliance to your network whilst it's powered off. Next, power on the device and the E Ink display will let you know that it's ready. You can then configure the network settings of the device such as the IP address to enable communications.
- From here, you are now ready to start transferring the data.
- To do this, you must first gain specific access credential for a manifest file through the Management Console which has to be downloaded. You must then install the Snowball Client software and you can now begin transferring data using the client software once authenticated with a manifest file.
- When the data transfer is complete, you can disconnect the Snowball Client. The appliance must then be returned to AWS using specified shipping carriers.
It's important to note that all Snowball appliances are the property of AWS. And the E Ink label will display the return address.
That now brings me to the end of this lecture while I looked at how and when you can use AWS Snowball to import or more importantly, export data, especially when required from a disaster recovery perspective.
Coming up next, I'll be explaining the different methods on how you can use the AWS Storage Gateway Service to transfer data between your data center and Amazon S3 for backup.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 90+ courses relating to Cloud reaching over 140,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.