AWS Storage Blog
Category: Technical How-to
Recovering AWS GovCloud (US) workloads using CloudEndure Disaster Recovery
AWS GovCloud (US) hosts sensitive data and regulated workloads. It also addresses the most stringent U.S government security and compliance requirements. For customers using AWS GovCloud (US), the ability to recover workloads is a top priority in order to keep business running as usual and adhere to relevant compliance requirements. Getting quickly back up and […]
Securing your AWS Transfer Family SFTP and FTPS VPC public endpoints
Customers who use the AWS Transfer Family service are typically exchanging files with their business partners over an internet facing endpoint. In doing so, they need to secure these public endpoints so that they are only accessible to known IP addresses and secured against dictionary attacks and port scanners. We previously walked you through how the AWS […]
Storage for I/O-intensive SQL Server using Amazon EBS io2 Block Express
If you’ve tried to optimize Amazon EBS performance for your SQL Server workload before, you may have come across this blog post from late 2019. Until December 2020, with SQL Server workloads that required more than 80,000 IOPS or 2,375 MB/s of throughput, your only high-performance option was an NVMe-powered Amazon EC2 instance store. These […]
Enforcing ownership of Amazon S3 objects in a multi-account environment
Today, Amazon S3 hosts over 100 trillion objects and regularly peaks at tens of millions of requests per second. As the set of use cases for S3 has expanded, our customers have asked us for new ways to regulate access to their mission-critical buckets and objects. For example, with a data lake hosted on Amazon […]
Synchronizing your data to Amazon S3 using AWS DataSync
There are many factors to consider when migrating data from on premises to the cloud, including speed, efficiency, network bandwidth and cost. A common challenge many organizations face is choosing the right utility to copy large amounts of data from on premises to an Amazon S3 bucket. I often see cases in which customers start with a free […]
Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family
AWS customers sometimes host AWS Transfer Family endpoints in network address translation (NAT) architectures. One common reason to host the AWS Transfer endpoint behind a NAT is to protect the server with a firewall offered by an AWS Marketplace partner. With the SFTP protocols, there are generally no major issues with using NAT architectures and […]
Accessing CloudEndure Disaster Recovery with Okta single sign-on
Many organizations use single sign-on (SSO) to ensure security and compliance, streamline access management, and improve their user experience. Some organizations require all corporate applications, workloads, and solutions to use SSO for authentication, including their disaster recovery (DR) solution. You can integrate CloudEndure Disaster Recovery, offered by AWS, into your identity provider’s (IdP) SSO using […]
Monitoring and reporting Amazon FSx user access events using Splunk
UPDATE 9/8/2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Monitoring end-user activity and access to data is core to any modern data security strategy. As customers migrate workloads to the cloud, logging end-user accesses of customer data is a key component of internal security policies and is required to meet […]
How to use AWS DataSync to migrate data between Amazon S3 buckets
Update (6/14/2022): The “Copying objects across accounts” section has been updated to reflect the new Amazon S3 Object Ownership feature, an S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket. You no longer need to configure your cross-account AWS DataSync task to […]
Data management at scale using Amazon S3 Batch Operations
A challenge for many enterprises with data at the scale of petabytes is managing and taking actions on their data to migrate, improve efficiency, and drive down costs through automation. Amazon S3 buckets can hold billions of objects and exabytes of data, letting you build your applications with the ability to grow and scale as […]