Amazon Glacier provides secure storage for low-cost, long-term enterprise data retention. Amazon Glacier storage...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
-- much like other AWS storage offerings -- is broken down into two fundamental concepts: the objects being stored and the containers holding data.
In Glacier, a data object is called an archive. An archive can be a document, image or another form of data, as well as a collection of data consolidated into a single compressed file, such as a .tar or .zip file. These collections are then uploaded to Glacier as a single archive entity. Archives must be placed in suitable containers, and Glacier stores its archives in "vaults." Administrators can use the AWS Management Console and AWS software development kits to create, delete, lock, inventory, filter, adjust access policies and otherwise manage vaults. A single AWS account can support up to 1,000 vaults; each vault can contain numerous archive objects.
Admins often use Amazon Glacier backup because of its security features. Glacier assigns each archive object a unique identifier when it is uploaded to AWS, rendering the archive immutable. Administrators can run Identity and Access Management controls to authenticate and restrict access at the user level, ensuring that only authorized users, business groups or partners can access certain vaults. Glacier vault containers can also be locked using the Amazon Glacier Vault Lock policy. For example, an admin can set a vault to read-only and prohibit alterations to the policy, leaving Glacier to enforce the policy and guard data against changes or deletion.
Combining Amazon Glacier backup storage with a tool like AWS CloudTrail creates detailed log files of the actions performed on Glacier vaults and objects. Logs can report which user accessed a certain vault or interacted with a particular archive. Logging can help maintain proper regulatory compliance and business governance for archived cloud data.
By design, developers cannot readily access Amazon Glacier backup data. Unlike online storage -- such as Amazon Simple Storage Service (S3), Amazon Glacier storage is not directly visible. Admins must restore data to accessible storage, such as S3, before accessing it. It may take several hours to retrieve archived object data stored in Glacier vault containers, and retrieving data imposes a cost. Administrators should configure the retrieval rate and mitigate retrieval costs with Amazon Glacier backup.
Glacier, Nearline do battle on archival front
Get to know these AWS data storage services
Slow retrieval, high costs open the door for Glacier competition
Dig Deeper on AWS database management
Related Q&A from Stephen J. Bigelow
RAID 5 and RAID 6 erasure coding, deduplication and compression are similar but distinct concepts that reduce data and maintain storage capacity in ...continue reading
To configure RAID 1, RAID 5 or RAID 6 erasure coding in VMware vSAN 6.2, an administrator must first choose the proper RAID protection settings.continue reading
RAID provides workload resilience and protects against data loss, but not all levels of RAID are made alike. What are the storage tradeoffs for RAID ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.