AWS Storage Gateway connects an on-premises software appliance with cloud-based storage to provide seamless integration with data security features between the on-premises IT environment and the AWS cloud storage infrastructure. The service can be used for backup and archiving, disaster recovery, cloud bursting, storage tiering, and migration.
On premises applications connect to the service through a gateway appliance using standard storage protocols, such as NFS and iSCSI, and the gateway connects to AWS storage services, such as Amazon S3, Amazon Glacier, and Amazon EBS, providing file-based, volume-based, and tape-based storage solutions.
File Gateway
A file gateway supports a file interface into Amazon S3 and combines a service and a virtual software appliance (called the gateway), which is VM running on VMware ESXi deployed to the on-premises environment. The gateway provides access to objects in S3 as files on an NFS mount point. With a file gateway, you can do the following:
- You can store and retrieve files directly using the NFS version 3 or 4.1 protocol.
- You can access your data directly in Amazon S3 from any AWS Cloud application or service.
- You can manage your Amazon S3 data using lifecycle policies, cross-region replication, and versioning.
You can think of a file gateway as an NFS mount on S3.
A file gateway manages data transfer to and from AWS, buffers applications from network congestion, optimizes and streams data in parallel, and manages bandwidth consumption. File gateways integrate with AWS services, for example with the following:
- Common access management using AWS Identity and Access Management (IAM)
- Encryption using AWS Key Management Service (AWS KMS)
- Monitoring using Amazon CloudWatch (CloudWatch)
- Audit using AWS CloudTrail (CloudTrail)
- Operations using the AWS Management Console and AWS Command Line Interface (AWS CLI)
- Billing and cost management
Volume Gateway
A volume gateway provides cloud-backed storage volumes that can be mounted as Internet Small Computer System Interface (iSCSI) devices from on-premises application servers. Data written to these volumes can be asynchronously backed up as snapshots and stored in the cloud as Amazon EBS snapshots. Snapshots are incremental that capture only changed blocks and snapshot storag is compressed to minimize storage charges
The gateway supports the following volume configurations:
- Cached volumes – Data is stored in Amazon S3 and a copy of frequently accessed data subsets is retained locally. Cached volumes offer a substantial cost savings on primary storage and minimize the need to scale your storage on-premises. You also retain low-latency access to your frequently accessed data.
- Stored volumes – If low-latency access to your entire dataset is needed, the on-premises gateway can be configured to store all the data locally, then asynchronously back up point-in-time snapshots (in the form of Amazon EBS) of this data to Amazon S3. This configuration provides durable and inexpensive offsite backups that can be used to recover to the local data center or Amazon EC2.
Tape Gateway
Tape gateways provide a cost effective and durable data backup archiving method into Amazon Glacier. It provides a Virtual Tape Library (VTL) interface that lets you leverage existing tape-based backup application infrastructure to store data on vritual tape catridges that are created on the tape gateway.
