AWS Storage Gateway
User Guide (API Version 2013-06-30)

What Is AWS Storage Gateway?

AWS Storage Gateway connects an on-premises software appliance with cloud-based storage to provide seamless integration with data security features between your on-premises IT environment and the Amazon Web Services (AWS) storage infrastructure. You can use the service to store data in the AWS Cloud for scalable and cost-effective storage that helps maintain data security. AWS Storage Gateway offers file-based, volume-based and tape-based storage solutions:

  • File Gateway – File gateway is a type of AWS Storage Gateway that supports a file interface into Amazon S3 and that adds to the current block-based volume and VTL storage. File gateway combines a service and virtual software appliance, enabling you to store and retrieve objects in Amazon S3 using industry-standard file protocols such as Network File System (NFS). The software appliance, or gateway, is deployed into your on-premises environment as a virtual machine (VM) running on VMware ESXi. The gateway provides access to objects in S3 as files on a NFS mount point.

    With file gateway, you can do the following:

    • You can now store and retrieve files directly using NFS 3 or 4.1 protocol.

    • You can access your data directly in S3 from any cloud application or service.

    • You can manage your data directly in Amazon S3 using lifecycle policies, cross-region replication, and versioning. We refer to this new capability as file gateway. You can think of this as an NFS mount on S3.

    File gateway simplifies file storage in Amazon S3, integrates to existing applications through industry standard file system protocols and provides a cost-effective alternative to on-premises storage. It also provides low-latency access to data through transparent local caching. File gateway manages data transfer to and from AWS, buffers applications from network congestion, optimizes and streams data in parallel, and manages bandwidth consumption. File gateway integrates with the AWS platform. For example, it integrates AWS Identity and Access Management (IAM) to provide common access management, encryption using AWS Key Management Service (AWS KMS), monitoring using Amazon CloudWatch (CloudWatch), audit using AWS CloudTrail (CloudTrail), operations using the AWS Management Console and AWS Command Line Interface (AWS CLI), billing and cost management, and data management using S3 lifecycle policies and cross-region replication.

  • Volume Gateway – Volume gateway provides cloud-backed storage volumes that you can mount as Internet Small Computer System Interface (iSCSI) devices from your on-premises application servers. The gateway supports the following volume configurations:

    • Cached Volumes – You store your data in Amazon Simple Storage Service (Amazon S3) and retain a copy of frequently accessed data subsets locally. Cached volumes offer a substantial cost savings on primary storage and minimize the need to scale your storage on-premises. You also retain low-latency access to your frequently accessed data.

    • Stored Volumes – If you need low-latency access to your entire data set, you can configure your on-premises gateway to store all your data locally and then asynchronously back up point-in-time snapshots of this data to Amazon S3. This configuration provides durable and inexpensive off-site backups that you can recover to your local data center or Amazon EC2. For example, if you need replacement capacity for disaster recovery, you can recover the backups to Amazon EC2.

  • Tape Gateway – You can cost-effectively and durably archive backup data in Amazon Glacier. Tape Gateway provides a virtual tape infrastructure that scales seamlessly with your business needs and eliminates the operational burden of provisioning, scaling, and maintaining a physical tape infrastructure.

You can choose to run AWS Storage Gateway either on-premises as a virtual machine (VM) appliance, or in AWS as an EC2 instance. You deploy your gateway on an EC2 instance to provision iSCSI storage volumes in AWS. Gateways hosted on EC2 instances can be used for disaster recovery, data mirroring, and providing storage for applications hosted on Amazon EC2.

For an architectural overview, see How AWS Storage Gateway Works (Architecture).

AWS Storage Gateway enables a wide range of use cases. For more information, see the AWS Storage Gateway detail page.

Are You a First-Time AWS Storage Gateway User?

The preceding section summarizes the storage offerings provided by the AWS Storage Gateway. For a detailed architectural overview of these offerings, see How AWS Storage Gateway Works (Architecture).

This documentation provides a Getting Started section that covers setup information common to all gateways and also gateway-specific setup sections. The Getting Started section shows you how to deploy, activate and configure storage a gateway. The management section shows you how to manage your gateway and resources:

  • Creating a File Gateway provides instructions on how to create and use a file gateway. It shows you how to create a file share, map your drive to an Amazon S3 bucket and upload files and folders from your to Amazon S3.

  • Creating a Volume Gateway provides instructions on how to create and use a volume gateway. It shows you how to create storage volumes and back up data to the volumes.

  • Creating a Tape Gateway provides instructions on how to create and use a tape gateway. It shows you how to back up data to virtual tapes and archive the tapes.

  • Managing Your Gateway provides instructions on how to perform management tasks for all gateways types and resources.

The instructions in this guide primarily show the gateway operations by using the AWS Management Console. If you want to perform these operations programmatically, see the AWS Storage Gateway API Reference for information about the supported operations.

AWS Storage Gateway Pricing

For current information about pricing, see the Pricing on the AWS Storage Gateway details page.

Plan Your AWS Storage Gateway Deployment

The AWS Storage Gateway software appliance lets you connect your existing on-premises application infrastructure with scalable, cost-effective AWS cloud storage that provides data security features.

To deploy an AWS Storage Gateway solution, you first need to decide on the following two things:

  1. Storage solution – Depending on your need, you can choose from one of the following storage solutions:

    • File Gateway – The primary uses of File Gateway include file ingest to S3 for use by object-based workloads, cost-effective storage for traditional backup applications, and tiering of on-premises file storage to S3. (If you want additional use cases covered, let us know.) You can cost-effectively and durably store and retrieve your on-premises objects in Amazon S3 using industry standard file protocols. File storage is a new addition to the set of interfaces on AWS Storage Gateway, alongside the current block-based volume and virtual tape library (VTL) storage.

    • Volume Gateway – Volume gateways let you create storage volumes in the AWS Cloud that your on-premises applications can access as Internet Small Computer System Interface (iSCSI) targets. There are two options—cached or stored volumes.

      With cached volumes, you store volume data in AWS, with a small portion of recently accessed data in the cache on-premises. This approach enables low-latency access to your frequently accessed dataset and also provides seamless access to your entire dataset stored in AWS. This type of data access lets you scale your storage resource without having to provision additional hardware.

      With stored volumes, you store the entire set of volume data on-premises and store periodic point-in-time backups (snapshots) in AWS. In this model, your on-premises storage is primary, delivering low-latency access to your entire dataset, and AWS storage is the backup that you can restore in the event of a disaster in your data center.

      For an architectural overview of volume gateways, see Cached Volumes Architecture and Stored Volumes Architecture.

    • Tape Gateway – If you are looking for a cost-effective, durable, long-term, off-site alternative for data archiving, you can deploy the tape gateway solution. The virtual tape library (VTL) interface it provides lets you leverage your existing tape-based backup software infrastructure to store data on virtual tape cartridges that you create on the gateway—for more information, see Compatible Third-Party Backup Software for Tape Gateway. When you archive tapes, you don't worry about managing tapes on your premises and arranging shipments of tapes off-site. For an architectural overview, see Tape Gateway.

  2. Hosting option – You can choose to run AWS Storage Gateway either on-premises, as a virtual machine (VM) appliance, or in AWS, as an Amazon EC2 instance. For more information, see Requirements. If your data center goes offline and you don't have an available host, you can deploy a gateway on an EC2 instance. AWS Storage Gateway provides an Amazon Machine Image (AMI) that contains the gateway VM image.

Additionally, as you configure a host to deploy a gateway software appliance, you will need to allocate sufficient storage for the gateway VM.

Before you continue to the next step, make sure you have done the following:

  1. For a gateway deployed on-premises, you have decided the type of host you want to set up (VMware ESXi Hypervisor or Microsoft Hyper-V) and set it up. For more information, see Requirements. If you deploy the gateway behind a firewall, you must make sure certain ports are accessible to the gateway VM. For more information, see Requirements. The following topics provide steps for configuring the host:

  2. For a tape gateway, you have installed client backup software. For more information, see Compatible Third-Party Backup Software for Tape Gateway.