AWS TL;DR: Storage Gateway (Hybrid Cloud Storage)

AWS Storage Gateway

/tldr: A hybrid storage service providing seamless, low-latency access to virtually unlimited cloud storage from your on-premises data center.

Hybrid Cloud | On-Premises Connectivity | Data Migration & Backup

1. Core Concept & Infrastructure

The Storage Gateway is deployed as a **virtual appliance** (VMware, Hyper-V, KVM) or on a **dedicated hardware appliance** in your local data center. This gateway acts as a high-performance bridge, caching frequently accessed data locally while asynchronously transferring all data to AWS cloud storage.

Key Benefits

  • **Local Performance:** Uses local disk for caching to provide low-latency access to data for on-premises applications.
  • **Cost-Effective:** Leverages the scalability and low cost of Amazon S3 for long-term storage, reducing the need for expensive local infrastructure.
  • **Security:** Data is encrypted both in transit (using SSL/TLS) and at rest in AWS.
  • **Bandwidth Optimization:** Manages data transfer efficiently, sending only changed data blocks.

2. The Three Gateway Types

There are three main types of Storage Gateway, each offering a different interface to suit specific on-premises application needs:

📁 File Gateway (NFS & SMB)

Provides a file-based interface (NFS v3/4.1 and SMB v2/3) for on-premises applications to store data as **objects in Amazon S3**. Each file share maps directly to an S3 bucket.

Use Case: Lift-and-shift of file shares, cloud-backed file storage, content repositories.

🧱 Volume Gateway (iSCSI)

Provides block storage to on-premises applications using the **iSCSI protocol**. Data is stored as volumes, which are backed by **EBS snapshots** in the cloud.

Use Case: Creating cloud-backed iSCSI volumes for local applications, disaster recovery, cloud migration planning.

  • **Cached Volumes:** Keep frequently accessed data locally and less frequently used data in AWS.
  • **Stored Volumes:** Keep primary data locally and back it up asynchronously to AWS.

📼 Tape Gateway (VTL)

Provides a virtual tape library (VTL) interface to existing backup applications (e.g., NetBackup, Veeam). It replaces physical tapes with **virtual tapes** backed by **S3 and Glacier**.

Use Case: Offloading physical tape management, long-term archival, retiring on-premises tape infrastructure.

3. Key Differentiators

Summary of Data Flow

  • **File Gateway:** Exposes NFS/SMB protocols. Stores data as S3 **Objects**.
  • **Volume Gateway:** Exposes iSCSI protocol. Stores data as **EBS Snapshots**.
  • **Tape Gateway:** Exposes VTL/iSCSI protocol. Stores data as S3/Glacier **Virtual Tapes**.

Storage Gateway simplifies the shift to hybrid cloud by giving your local applications a familiar face for cloud-based storage.

AWS Fundamentals Series: AWS Storage Gateway