Best Practices for the AWS Snowcone Device - AWS Snowcone User Guide

Best Practices for the AWS Snowcone Device

To help get the maximum benefit from and satisfaction with your AWS Snowcone device, we recommend that you follow these best practices.

Security

  • If you notice anything that looks suspicious about the AWS Snowcone device, don't connect it to your internal network. Instead, contact AWS Support, and a new AWS Snowcone device will be shipped to you.

  • We recommend that you don't save a copy of the unlock code in the same location in the workstation as the manifest for that job. Saving these separately helps prevent unauthorized parties from gaining access to the AWS Snowcone device. For example, you can save a copy of the manifest to your local server, and email the code to a user that unlocks the device. This approach limits access to the AWS Snowcone device to individuals who have access to files saved on the server and also that user's email address.

  • The credentials displayed when you run the Snowball Edge client command snowballEdge list-access-keys followed by snowballEdge get-secret-access-key are a pair of keys: an access key and a secret key. These keys are only associated with the job and the local resources on the device. They don't map to your AWS account or any other AWS account. If you try to use these keys to access services and resources in the AWS Cloud, they fail, because they work only for the local resources associated with your job.

  • You can restrict access to NFS shares. For details, see Restricting Access to NFS Shares When NFS is Running.

  • When you turn off or power cycle a Snowcone device, it goes into a locked state.

Network

  • We recommend that you only use one method of reading and writing data to a local bucket on an AWS Snowcone device at a time. Using both the

    NFS Mount and the DataSync on the same S3 bucket at the same time can result in read/write conflicts.

  • To prevent corrupting your data, don't disconnect an AWS Snowcone device or change its network settings while transferring data.

  • Files should be in a static state while being written to the device. Files that are modified while they are being written can result in read/write conflicts.

  • For more information about improving performance of your AWS Snowcone device, see Snowcone Performance.

Resource Management

  • The five free days for performing your on-premises data transfer start the day after the AWS Snowcone device arrives at your data center.

Managing EC2 Instances

To avoid accidentally deleting the Amazon EC2 instances that you create on your AWS Snowcone device, don't shut down your instances from the operating system. For example, don't use the shutdown or reboot commands. Shutting down an instance from within the operating system has the same effect as calling the terminate-instances command.

Instead, use the stop-instances command to suspend Amazon EC2 instances that you want to preserve.