What is AWS Snowball Edge? - AWS Snowball Edge Developer Guide

What is AWS Snowball Edge?

AWS Snowball Edge is a type of Snowball device with on-board storage and compute power for select AWS capabilities. Snowball Edge can do local processing and edge-computing workloads in addition to transferring data between your local environment and the AWS Cloud.

Each Snowball Edge device can transport data at speeds faster than the internet. This transport is done by shipping the data in the appliances through a regional carrier. The appliances are rugged, complete with E Ink shipping labels.

Snowball Edge devices have four options for device configurations—Storage Optimized, Compute Optimized, Compute Optimized with GPU, and Import virtual tapes into AWS Storage Gateway. When this guide refers to Snowball Edge devices, it's referring to all options of the device. When specific information applies only to one or more optional configurations of devices (such as how the Snowball Edge with GPU has an on-board GPU), it is called out specifically. For more information, see Snowball Edge device options.

AWS Snowball Edge features

Snowball Edge devices have the following features:

  • Large amounts of storage capacity or compute functionality for devices. This depends on the options you choose when you create your job.

  • Network adapters with transfer speeds of up to 100 Gbit/second.

  • Encryption is enforced, protecting your data at rest and in physical transit.

  • You can import or export data between your local environments and Amazon S3, and physically transport the data with one or more devices without using the internet.

  • Snowball Edge devices are their own rugged box. The built-in E Ink display changes to show your shipping label when the device is ready to ship.

  • Snowball Edge devices come with an on-board LCD display that can be used to manage network connections and get service status information.

  • You can cluster Snowball Edge devices for local storage and compute jobs to achieve data durability across 3 to 16 devices and locally grow or shrink storage on demand.

  • You can use the file interface to read and write data to an AWS Snowball Edge device through a file share or Network File System (NFS) mount point.

  • You can use Amazon EKS Anywhere on Snowball Edge devices for Kubernetes workloads.

  • Snowball Edge devices have Amazon S3 and Amazon EC2 compatible endpoints available, enabling programmatic use cases.

  • Snowball Edge devices support the new sbe1, sbe-c, and sbe-g instance types, which you can use to run compute instances on the device using Amazon Machine Images (AMIs).

  • Snowball Edge supports these data transfer protocols for data migration:

    • NFSv3

    • NFSv4

    • NFSv4.1

    • Amazon S3 over HTTP or HTTPS (via API compatible with AWS CLI version 1.16.14 and earlier)

Prerequisites for using Snow Family devices

Sign up for an AWS account

If you do not have an AWS account, complete the following steps to create one.

To sign up for an AWS account
  1. Open https://portal.aws.amazon.com/billing/signup.

  2. Follow the online instructions.

    Part of the sign-up procedure involves receiving a phone call and entering a verification code on the phone keypad.

    When you sign up for an AWS account, an AWS account root user is created. The root user has access to all AWS services and resources in the account. As a security best practice, assign administrative access to an administrative user, and use only the root user to perform tasks that require root user access.

AWS sends you a confirmation email after the sign-up process is complete. At any time, you can view your current account activity and manage your account by going to https://aws.amazon.com/ and choosing My Account.

Create an administrative user

After you sign up for an AWS account, secure your AWS account root user, enable AWS IAM Identity Center, and create an administrative user so that you don't use the root user for everyday tasks.

Secure your AWS account root user
  1. Sign in to the AWS Management Console as the account owner by choosing Root user and entering your AWS account email address. On the next page, enter your password.

    For help signing in by using root user, see Signing in as the root user in the AWS Sign-In User Guide.

  2. Turn on multi-factor authentication (MFA) for your root user.

    For instructions, see Enable a virtual MFA device for your AWS account root user (console) in the IAM User Guide.

Create an administrative user
  1. Enable IAM Identity Center.

    For instructions, see Enabling AWS IAM Identity Center in the AWS IAM Identity Center User Guide.

  2. In IAM Identity Center, grant administrative access to an administrative user.

    For a tutorial about using the IAM Identity Center directory as your identity source, see Configure user access with the default IAM Identity Center directory in the AWS IAM Identity Center User Guide.

Sign in as the administrative user
  • To sign in with your IAM Identity Center user, use the sign-in URL that was sent to your email address when you created the IAM Identity Center user.

    For help signing in using an IAM Identity Center user, see Signing in to the AWS access portal in the AWS Sign-In User Guide.

Prerequisites for using Amazon S3 adapter on Snow Family devices for import and export jobs

You will use S3 adapter on Snow Family devices when you are using the devices to move data from on-premises data sources to the cloud or from the cloud to on-premises data storage.

Note

You must select S3 adapter on Snow when you order devices. See Step 2: Choose your compute and storage options in this guide.

The Amazon S3 bucket associated with the job must use the Amazon S3 standard storage class. Before creating your first job, keep the following in mind.

For jobs that import data into Amazon S3, follow these steps:

  • Confirm that the files and folders to transfer are named according to the object key naming guidelines for Amazon S3. Any files or folders with names that don't meet these guidelines aren't imported into Amazon S3.

  • Plan what data you want to import into Amazon S3. For more information, see Planning your large transfer.

Before exporting data from Amazon S3, follow these steps:

  • Understand what data is exported when you create your job. For more information, see Using Export Ranges.

  • For any files with a colon (:) in the file name, change the file names in Amazon S3 before you create the export job to get these files. Files with a colon in the file name fail export to Microsoft Windows Server.

Prerequisites for using Amazon S3 compatible storage on Snow Family devices

You will use Amazon S3 compatible storage on Snow Family devices when you are storing data on the device at your edge location and using the data for local compute operations. To migrate data to or from AWS, set up an export or import job and use the Amazon S3 adapter.

When ordering a Snow device for local compute and storage with Amazon S3 compatible storage, keep the following in mind.

  • You will provision Amazon S3 storage capacity when you order the device. So consider your storage need before ordering a device.

  • You can create Amazon S3 buckets on the device after you receive it rather than while ordering a Snow Family device.

  • You will need to download the latest version of the AWS CLI (v2.11.15 or higher), Snowball Edge client, or AWS OpsHub and install it on your computer to use Amazon S3 compatible storage on Snow Family devices.

  • After receiving your device, configure, start, and use Amazon S3 compatible storage on Snow Family devices according to Using Amazon S3 compatible storage on Snow Family devices in this guide.

Prerequisites for using compute instances on Snow Family devices

For jobs using compute instances, before you can add any AMIs to your job, you must have an AMI in your AWS account and it must be a supported image type. Currently, supported AMIs are based on these operating systems:

Note

Ubuntu 16.04 LTS - Xenial (HVM) images are no longer supported in the AWS Marketplace, but still supported for use on Snowball Edge devices through Amazon EC2 VM Import/Export and running locally in AMIs.

You can get these images from AWS Marketplace.

If you're using SSH to connect to the instances running on a Snowball Edge, you can use your own key pair or you can create one on the Snowball Edge. To use AWS OpsHub to create a key pair on the device, see Working with key pairs. To use the AWS CLI to create a key pair on the device, see create-key-pair in List of Supported Amazon EC2-compatible AWS CLI Commands on a Snowball Edge. For more information on key pairs and Amazon Linux 2, see Amazon EC2 key pairs and Linux instances in the Amazon EC2 User Guide for Linux Instances.

For information specific to using compute instances on a device, see Using Amazon EC2-compatible compute instances.

You can use an AWS Snowball Edge device with the following related AWS services:

  • Amazon S3 adapter — Use for programmatic data transfer in to and out of AWS using the Amazon S3 API for Snowball Edge, which supports a subset of Amazon S3 API operations. In this role, data is transferred to the Snow device by AWS on your behalf and the device is shipped to you (for an export job), or AWS ships an empty Snow device to you and you transfer data from your on-premises sources to the device and ship it back to AWS (for an import job)"

  • Amazon S3 compatible storage on Snow Family devices — Use to support the data needs of compute services such as Amazon EC2, Amazon EKS Anywhere on Snow, and others. This feature is available on Snowball Edge devices and provides an expanded Amazon S3 API set and features such as increased resiliency with flexible cluster setup for 3 to 16 nodes, local bucket management, and local notifications.

  • Amazon EC2 – Run compute instances on a Snowball Edge device using the Amazon EC2 compatible endpoint, which supports a subset of the Amazon EC2 API operations. For more information about using Amazon EC2 in AWS, see Getting started with Amazon EC2 Linux instances.

  • Amazon EKS Anywhere on Snow – Create and operate Kubernetes clusters on Snow Family devices. See Using Amazon EKS Anywhere on AWS Snow.

  • AWS Lambda powered by AWS IoT Greengrass – Invoke Lambda functions based on Amazon S3 compatible storage on Snow Family devices storage actions made on an AWS Snowball Edge device. For more information about using Lambda, see Using AWS Lambda with an AWS Snowball Edge and the AWS Lambda Developer Guide.

  • Amazon Elastic Block Store (Amazon EBS) – Provide block-level storage volumes for use with EC2-compatible instances. For more information, see Amazon Elastic Block Store (Amazon EBS).

  • AWS Identity and Access Management (IAM) – Use this service to securely control access to AWS resources. For more information, see What is IAM?

  • AWS Security Token Service (AWS STS) – Request temporary, limited-privilege credentials for IAM users or for users that you authenticate (federated users). For more information, see Temporary security credentials in IAM.

  • Amazon EC2 Systems Manager – Use this service to view and control your infrastructure on AWS. For more information, see What is AWS Systems Manager?

Accessing the service

You can either use the AWS Snow Family Management Console or the job management API to create and manage jobs. For information about the job management API, see Job Management API Reference for AWS Snowball.

Accessing an AWS Snowball Edge device

After your Snowball Edge device is onsite, you can configure it with an IP address using the LCD screen then you can unlock the device using the Snowball Edge client or AWS OpsHub for Snow Family. Then, you run can perform data transfer or edge compute tasks. For more information, see Using an AWS Snowball Edge Device.

Pricing for the AWS Snowball Edge

For information about the pricing and fees associated with the service and its devices, see AWS Snowball Edge Pricing.

Device monitoring

AWS will monitor the Snow device and may collect metrics and usage information when the Snow device is connected to an AWS Region. If the Snow device is not connected to the AWS Region, then AWS will not monitor the Snow device.

If AWS detects an irreparable issue, and there is a need to replace physical equipment, AWS will notify you. You can then place a replacement job that we will ship to your site. There is no additional charge for this, as Snow device monitoring is included as part of the Snow device service fee.

Are you a first-time AWS Snowball user?

If you are a first-time user of the AWS Snow Family service, we recommend that you read the following sections in order:

  1. For information about device types and options, see AWS Snowball Edge device differences.

  2. To learn more about the types of jobs, see Understanding AWS Snowball Edge Jobs.

  3. For an end-to-end overview of how to use an AWS Snowball Edge device, see How AWS Snowball Edge works.

  4. When you're ready to get started, see Getting Started.

  5. For information about using compute instances on a device, see Using Amazon EC2-compatible compute instances.