AWS Storage Gateway in an Amazon Web Services tool that connects on-premises software resources with storage in the AWS public cloud. The service securely transfers application data between on-premises software and cloud-based storage to improve application scalability and help an enterprise save costs.
The AWS Storage Gateway is available for download as a virtual machine image, which is installed in the data center. An administrator associates the gateway with an AWS account and then interacts with the service through the AWS Management Console.
AWS Storage Gateway supports gateway-cached volumes, gateway-stored volumes and gateway-virtual tape library (VTL).
Gateway-cached volumes allow users to store primary data in Amazon Simple Storage Service (S3) while keeping frequently accessed data on-premises. This configuration allows a user to store up to 32 volumes with 32 TB of data per volume. Gateway-cached volumes also allow a user to take snapshots of volume data for protection.
Gateway-stored volumes maintain access to the entire data set. This configuration stores data locally and backs up snapshots to S3 for disaster recovery. A user is limited to 32 volumes with this configuration and a maximum of 16 TB per volume.
Gateway-VTL, which replaces a physical tape infrastructure, stores an unlimited amount of virtual tapes in S3 or Amazon Glacier. Gateway-VTL uses an Internet Small Computer System Interface (iSCSI) to give backup software online access to tapes. Virtual tapes are available in the following sizes: 100 GB, 200 GB, 400 GB, 800 GB, 1.5 TB and 2.5 TB. Each VTL is limited to 1,500 virtual tapes and a combined capacity of 1 petabyte.
AWS Storage Gateway encrypts all data in transit to and from AWS over a secure sockets layer. The service also encrypts volume and snapshot data at rest using Advanced Encryption Standard 256, based on 256-bit encryption keys. AWS Storage Gateway supports Challenge-Handshake Authentication Protocol for iSCSI authentication.