Create Volumes for a Gateway-Stored Configuration
Previously, you allocated one of the two disks that you added to the VM for your application's data and the other disk for an upload buffer. You will now create a storage volume for your application data and configure CHAP authentication for your volumes. Your on-premises applications write data to this storage volume and store the data locally. The gateway periodically takes snapshots (incremental backups) and uploads them to Amazon S3.
The following architectural overview diagram shows the part of the gateway-stored setup that you are creating.
Create a Storage Volume
Your application data will reside in the volume that you create.
To create a storage volume for a gateway-stored configuration
In the Create Storage Volume wizard, provide the storage volume information.
In the Disk drop-down list, select the 150 GiB virtual disk on your VM.
This drop-down list shows the virtual disks that you added to the gateway VM. Select the disk on which you plan to store data.
Keep the Preserve existing data check box unchecked.
Make sure that you don't have any existing data on the virtual disk. Any existing data on the disk is lost.
Type a name in the iSCSI Target Name box.
The target name can contain lowercase letters, numbers, periods (.), and hyphens (-). This target name appears as the iSCSI Target Node name in the Targets tab of the iSCSI Microsoft Initiator UI after discovery. For example, the name
iqn.1007-05.com.amazon:target1. Ensure that the target name is globally unique within your SAN.
Leave the Based on Snapshot ID box empty.
If you want to restore an existing Amazon EBS snapshot or a gateway snapshot on the storage volume that you are creating, you must specify the snapshot ID. The gateway downloads your existing snapshot data to the storage volume. For more information, see Restoring a Snapshot to a Storage Volume.
Verify that the Host IP setting is the IP address of your gateway, and then click Create Volume.
Configure CHAP Authentication for Your Volumes
You can configure your volumes to use Challenge-Handshake Authentication Protocol (CHAP). CHAP provides protection against playback attacks by requiring authentication to access your storage volume targets.
In the Configure CHAP Authentication dialog box, you provide information so that you can configure CHAP for your volumes.
To configure CHAP
In the Configure CHAP Authentication dialog box, click the Enabled check box.
In the Initiator Name box, type the name of your initiator.
In the Secret Used to Authenticate Initiator box, type the secret phrase you used to authenticate your iSCSI initiator.
In the Secret Used to Authenticate Target (Mutual CHAP) box, type the secret phrase used to authenticate your target for mutual CHAP.
Click Save to save these values.
For more details on setting up CHAP authentication, see Configuring CHAP Authentication for Your Storage Volume.