AWS News Blog
AWS Storage Gateway – APIs and IAM Support
We have added two new features to the AWS Storage Gateway: a powerful set of APIs and support for AWS Identity and Access Management (IAM).
AWS Storage Gateway APIs
Up until now, the AWS Storage Gateway was configurable through the AWS Management Console. You can now configure and manage your gateways programmatically, using the Storage Gateway APIs or the AWS SDKs for .Net, Java, or PHP.
You can do all sorts of things with the new functions. Here are a few suggestions to get you started:
- Automate your disaster recovery workflow. You can use the AWS APIs to automate the entire failover and recovery process including creation of EBS volumes from the latest snapshots of your on-premises data, launching and configuration of EC2 instances, and attachment of the EBS volumes to the instances.
- Migrate on-premises storage to AWS on an on-demand, as-needed basis. You could, as an example, copy local data to the cloud on a Friday afternoon, process the data on some EC2 instances over the weekend, and return the processed data to local storage before the start of the work week.
- Implement snapshot retention policies.
- Reduce the gateway’s bandwidth consumption during off-peak hours, freeing it up for other applications.
Here are the major Storage Gateway functions (consult the new Storage Gateway API docs for complete info):
- Gateway Management: ActivateGateway, DeleteGateway, ListGateways, DescribeGatewayInformation, UpdateGatewayInformation.
- Gateway Operation: StartGateway, ShutdownGateway, DescribeBandwidthRateLimit, UpdateBandwidthRateLimit, DeleteBandwidthRateLimit, DescribeMaintenanceStartTime, UpdateMaintenanceStartTime, UpdateGatewaySoftwareNow.
- Storage Management: AddWorkingStorage, DescribeWorkingStorage, CreateStorediSCSIVolume, DeleteVolume, DescribeStorediSCSIVolumes, DescribeChapCredentials, UpdateChapCredentials, DeleteChapCredentials.
- Snapshot Management: DescribeSnapshotSchedule, UpdateSnapshotSchedule, CreateSnapshot.
The AWS Simple Workflow Service is the perfect complement to these APIs. You can easily automate long-running processes, handle exceptional cases, and much more.
You can improve your operational security by using our new IAM support to implement fine-grained access controls for your gateways and your storage volumes. For example, you can create multiple Users within your AWS account and then specify which actions a User or group of Users can perform on specific gateways. Because each User has a unique set of security credentials, you don’t need to share passwords or access keys.