Posted On: Apr 16, 2020

AWS Snowball now supports local AWS Identity and Access Management  (IAM), allowing you to securely manage access to AWS services and resources running on your Snowball device by controlling what actions users can take, and what AWS resources on the device users can take those actions on.

Prior to this launch, Snowball devices were securely protected by requiring a user to provide an unlock code and a manifest file. Any user with those credentials had full access to the device. Now with IAM for Snowball, after unlocking a device, you can easily create and manage AWS users and utilize permissions to allow and deny their access to the AWS resources on your Snowball device. With this enhancement, if you have multiple users operating the same Snowball device, you can ensure that each user is granted the appropriate permissions.

If you have applications using API operations to issue AWS IAM, Amazon S3, Amazon EC2, or AWS STS commands on Snowball, please note that for devices ordered after November 2, 2020, you must specify the region in these commands as "snow".

This feature is available in AWS Regions where Snowball is supported and is available at no additional cost. To learn more and get started, please refer to the following resources:

AWS Snowball product page
AWS Snowball documentation
Jeff Barr Blog: AWS Snow Family Update
AWS Snowball Edge Data Migration Guide
AWS Console