Choosing AWS services for data protection - AWS Prescriptive Guidance

Notice

As of April 30, 2024, VMware Cloud on AWS is no longer resold by AWS or its channel partners. The service will continue to be available through Broadcom. We encourage you to reach out to your AWS representative for details.

AWS provides a number of storage and complementary services that can be used as part of your backup and recovery approach. These services can support both cloud-native and hybrid architectures. Different services are more effective for different use cases.

  • Amazon S3 is suited for both hybrid and cloud-native use cases. It provides highly durable, general-purpose object storage solutions that are suitable for backing up individual files, servers, or an entire data center.

  • AWS Storage Gateway is ideal for hybrid use cases. Storage Gateway uses the power of Amazon S3 for common on-premises backup and storage requirements. Your applications connect to the service through a virtual machine (VM) or hardware gateway appliance using the following standard storage protocols:

    • Network File System (NFS)

    • Server Message Block (SMB)

    • Internet Small Computer System Interface (iSCSI)

    The gateway bridges these common on-premises protocols to AWS storage services such as the following:

    • Amazon S3

    • S3 Glacier Deep Archive

    • Amazon EBS

    Storage Gateway makes it easier to provide elastic, high-performance storage for files, volumes, snapshots, and virtual tapes in AWS.

  • AWS Backup is a fully managed backup service for centralizing and automating the backup of data across AWS services. Using AWS Backup, you can centrally configure backup policies and monitor backup activity for AWS resources, such as the following:

    • EBS volumes

    • EC2 instances (including Windows applications)

    • Amazon RDS and Amazon Aurora databases

    • DynamoDB tables

    • Amazon Neptune databases

    • Amazon DocumentDB (with MongoDB compatibility) databases

    • Amazon EFS file systems

    • Amazon FSx for Lustre file systems and Amazon FSx for Windows File Server file systems

    • VMware workloads on premises and in VMware Cloud on AWS

    • Storage Gateway volumes

    The cost of AWS Backup is based on the storage that you consume, restore, and transfer in a month. For more information, see AWS Backup pricing.

  • AWS Elastic Disaster Recovery continuously replicates your machines into a low-cost staging area in your target AWS account and preferred Region. You can use Elastic Disaster Recovery for on-premises-to-cloud disaster recovery (DR) and cross-Region DR.

  • AWS Config provides a detailed view of the configuration of AWS resources in your AWS account. This includes how the resources are related to one another and how they were configured in the past. In this view, you can see how the resource configuration and relationships have changed over time.

    When you turn on AWS Config configuration recording for your AWS resources, you maintain a history of your resource relationships over time. This helps to identify and track AWS resource relationships (including deleted resources) for up to seven years. For example, AWS Config can track the relationship of an Amazon EBS snapshot volume and the EC2 instance to which the volume was attached.

  • AWS Lambda can be used to programmatically define and automate your backup and recovery procedures for your workloads. You can use the AWS SDKs to interact with AWS services and their data. You can also use Amazon CloudWatch Events to run your Lambda functions on a scheduled basis.

AWS services provide specific features for backup and restore. For each AWS service that you are using, consult the AWS documentation to determine the backup, restore, and data protection features provided by the service. You can use the AWS Command Line Interface (AWS CLI), AWS SDKs, and API operations to automate the AWS service–specific features for data backup and recovery.
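
The AWS Lambda item and the SDK automation described above, as an added example that is not part of the original guidance: a Python handler, meant to be invoked by a scheduled rule, that snapshots tagged EBS volumes through the AWS SDK (boto3) and reports volumes whose snapshots will be unencrypted. The `Backup=true` tag, the `CreatedBy` and `SourceVolume` snapshot tags, and the function names are assumptions; the function's role needs `ec2:DescribeVolumes`, `ec2:CreateSnapshot`, and `ec2:CreateTags`.

```python
from datetime import datetime, timezone

BACKUP_TAG = "Backup"  # assumed tag key: volumes tagged Backup=true are in scope


def snapshot_tagged_volumes(ec2, now=None):
    """Snapshot every in-scope EBS volume; return new IDs and unencrypted sources."""
    stamp = (now or datetime.now(timezone.utc)).strftime("%Y-%m-%dT%H:%MZ")
    result = {"created": [], "unencrypted_sources": []}
    # Paginate: a single describe_volumes call may not return every volume.
    pages = ec2.get_paginator("describe_volumes").paginate(
        Filters=[{"Name": f"tag:{BACKUP_TAG}", "Values": ["true"]}]
    )
    for page in pages:
        for vol in page["Volumes"]:
            vol_id = vol["VolumeId"]
            if not vol.get("Encrypted", False):
                # The snapshot of an unencrypted volume is also unencrypted;
                # report it so the volume can be remediated.
                result["unencrypted_sources"].append(vol_id)
            snap = ec2.create_snapshot(
                VolumeId=vol_id,
                Description=f"Scheduled backup of {vol_id} at {stamp}",
                TagSpecifications=[{
                    "ResourceType": "snapshot",
                    "Tags": [
                        {"Key": "CreatedBy", "Value": "scheduled-backup-lambda"},
                        {"Key": "SourceVolume", "Value": vol_id},
                    ],
                }],
            )
            result["created"].append(snap["SnapshotId"])
    return result


def lambda_handler(event, context):
    """Entry point for the scheduled rule; the event payload is not used."""
    import boto3  # provided by the Lambda Python runtime
    return snapshot_tagged_volumes(boto3.client("ec2"))
```

Passing the EC2 client in as a parameter lets the logic be exercised with a stub client before the function is granted any permissions in an account.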