Security - AWS Storage Services Overview


IAM helps you provide security in controlling access to AWS Storage Gateway. With IAM, you can create multiple IAM users under your AWS account. The AWS Storage Gateway API enables a list of actions each IAM user can perform on AWS Storage Gateway.

The AWS Storage Gateway encrypts all data in transit to and from AWS by using SSL. All volume and snapshot data stored in AWS using gateway-stored or gateway-cached volumes and all virtual tape data stored in AWS using a gateway- VTL is encrypted at rest using AES-256, a secure symmetric-key encryption standard using 256-bit encryption keys. Storage Gateway supports authentication between your gateway and iSCSI initiators by using Challenge-Handshake Authentication Protocol (CHAP).