Q: What is AWS Snowball Edge?
Snowball Edge is a 100TB data transfer device with on-board storage and compute power for select AWS capabilities. In addition to transferring data to AWS, Snowball Edge can undertake local processing and edge-computing workloads. Features include an S3-compatible end-point on the device, a file interface with NFS support, a cluster mode where multiple Snowball Edge devices can act as a single, scalable, storage and compute pool with increased durability, and the ability to run Lambda functions as data is copied to the device.
Q: How does Snowball Edge work?
You start by requesting one or more Snowball Edge devices in the AWS Management Console based on how much data you need to transfer or process. The buckets and Lambda functions you select are automatically configured, encrypted and preinstalled on your devices before they are shipped to you. Once a device arrives, connect it to your local network and set the IP address either manually or automatically with DHCP. The same is true for setting up a cluster. Then use the Snowball Edge client software, job manifest, and unlock code to verify the integrity of the Snowball Edge device or cluster, and unlock it for use. The manifest and unlock code are uniquely generated and crypto-logically bound to a designated Snowball Edge to help ensure that both cannot be used with any other devices. Data copied to Snowball Edge is automatically encrypted and stored in the buckets you specify.
All logistics and shipping is done by Amazon so when copying is complete and the device is ready to be returned, the E Ink shipping label will automatically update the return address to help ensure that the Snowball Edge device is delivered to the correct AWS facility. Once the device ships, you can receive tracking status via messages sent by Amazon Simple Notification Service (Amazon SNS), generated texts and emails, or directly from the console.
All of the management for your Snowball Edge resources can be performed in the AWS management console and these operations require no on-site system engineers.
Q: What is the difference between Snowball Edge and Snowball?
Snowball is designed as a data transport solution for moving high volumes of data into and out of a designated AWS region. Snowball Edge adds the additional capability to run simple computing functions on the device, for use cases that require local processing before returning the data to AWS. For more details, see the documentation.
Q: Who should use Snowball Edge?
Snowball Edge is the optimal data transfer choice if you need to securely and quickly transfer terabytes to petabytes of data to AWS. You can use Snowball Edge if you have a large backlog of data to transfer or if you frequently collect data that needs to be transferred to AWS and your storage is in an area where high-bandwidth Internet connections are not available or cost-prohibitive. You can also use Snowball Edge to run edge computing workloads such as performing local analysis of data on a Snowball Edge cluster and writing it to the S3-compatible endpoint. You can streamline it into existing workflows leveraging built-in capabilities such as the NFS file interface and migrate files to the device while maintaining file metadata. Snowball Edge can operate in remote locations or harsh operating environments, such as factory floors, oil & gas rigs, mining sites, hospitals, and on moving vehicles. Snowball Edge is pre-configured and does not have to be connected to the internet, so processing and data collection can take place within isolated operating environments. Snowball Edge allows you to run the same software at the edge and access select AWS capabilities as you would with full connectivity to AWS.
Q. Can I use Snowball Edge to migrate data from one AWS region to another AWS region?
No. Snowball Edge is intended to serve as a data transport solution for moving high volumes of data into and out of a designated AWS region. For use cases that require data transfer between AWS regions, we recommend using S3 Cross-Region Replication as an alternative.
Q: How much data can I transfer using Snowball Edge?
You can transfer virtually any amount of data with Snowball Edge, from a few terabytes to many petabytes. You can transfer up to 100TB with a single Snowball Edge and transfer larger data sets with multiple devices, either in parallel, or sequentially. For example, you can transfer 1PB of data with 10 Snowball Edge devices.
Q: How long does it take to transfer my data?
Data transfer speed is affected by a number of factors including local network speed, file size, and the speed at which data can be read from your local servers. The end-to-end time to transfer 100 TB of data into AWS with Snowball Edge is approximately a week, including the usual shipping and handling time in AWS data centers.
Q: How long can I have a Snowball Edge for a specific job?
Snowball Edge devices must be returned within 360 days of the Snowball Edge’s preparation.
Q: What are the specifications on the Snowball Edge device?
Snowball Edge provides 100TB of storage in a ruggedized, rack mountable, shippable form factor. Additionally, it provides local compute capability that is approximately the equivalent of an EC2 m4.4xlarge instance that provides support for a number of additional functions. Check the Snowball Edge documentation page for a complete list of hardware specs, including network connections, thermal and power requirements, decibel output, and dimensions.
Q: What network interfaces does Snowball Edge support?
Snowball Edge includes a 10GBase-T network connection, 10/25Gb SFP28 and 40Gb QSFP+ copper, and optical networking for fast data transfer rates.
Q: What is the Snowball Edge default shipping option? Can I choose expedited shipping?
As a default, Snowball Edge uses two-day shipping by UPS. You can choose expedited shipping if your jobs are time-sensitive.
Local Processing Capabilities
Q: Does Snowball Edge support EC2 instances?
The SBE1 instance type can be provisioned on a AWS Snowball Edge, allowing you to run Amazon Machine Images (AMIs) on the device. You can build and test on EC2 then operate your AMI on a Snowball Edge to address workloads that sit in remote or disconnected locations.
Q: How should I choose between Amazon EC2 compute instances and AWS Lambda functions for my compute needs?
AWS Lambda is a good choice for new applications that want to take advantage of the serverless computing model in AWS and want to run the same applications on the device. Amazon EC2 instances are a good choice when you have existing applications that you would like to run on the device for data pre-processing or when refactoring your existing applications to the serverless model isn’t desirable.
Q: When should I use the SBE1 instances on AWS Snowball Edge?
You should use the SBE1 instances when you have an application running on the edge that is managed and deployed as a virtual machine (an Amazon Machine Image, or AMI).
Q: How do I get started with local computing on Snowball Edge?
You can enable and provision EC2 AMIs or Lambda functions during AWS Snowball Edge job creation using either the AWS Console, AWS Snowball SDK, or AWS CLI.
Q: Can I use existing EC2 APIs to start, stop, and manage instances on the device?
Yes. AWS Snowball Edge provides an EC2 compatible endpoint that can be used to start, stop, and manage your instances on AWS Snowball Edge. This endpoint is compatible with the AWS CLI and AWS SDK.
Q: What EC2 features does AWS Snowball Edge support?
The EC2 endpoint running on AWS Snowball Edge, provides a subset set of EC2 features that customers would find most useful for edge computing scenarios. This includes APIs to run, terminate, and describe your installed AMIs and running instances.
Q: Can I use an existing EBS volume with AWS Snowball Edge?
No. At this time, you cannot use an existing EBS volume with AWS Snowball Edge.
Q: What steps do I need to take to run SBE1 instances on AWS Snowball Edge?
To run SBE1 instances, provide the AMI IDs during job creation and the images come pre-installed when the device is shipped to you.
Q: What Operating System can I run using this feature?
You can run any operating system that is supported by EC2. Amazon EC2 currently supports a wide variety of Linux, UNIX and Windows operating systems; for a complete list of operating systems supported by EC2, refer to the Amazon EC2 FAQs page. For certain operating systems, like Microsoft Windows-based operating systems, you provide your own license to the device.
Q: What kind of workloads can I run on SBE1 instances?
SBE1 instances feature 1.8 GHz Intel Xeon D processors, up to 16 vCPUs, and 32GB of memory and are designed to support edge applications such as IoT sensor data collection, image compression, and machine learning.
Q: How do I ensure that my AMIs are compatible to run on SBE1 instances on AWS Snowball Edge?
AMIs that run on the C5 instance type in AWS, are compatible with SBE1 instances available on AWS Snowball Edge in the vast majority of cases. We recommend that you first test your applications in the C5 instance type to ensure they can be run on the device.
Q: Can I install more than one instance on a device?
Yes. You can run multiple instances on a device as long as the total resources used across all instances on a device is lower than 24 vCPUs and 32GB memory.
Q: How do I use SBE1 instances on an AWS Snowball Edge cluster?
SBE1 instances can run on each node of an AWS Snowball Edge cluster. When you provision an AWS Snowball Edge cluster using the AWS console, you can provide details for instances to run on each node of the cluster, for example, the AMI you want to run, the SBE1 compute instance size you want to use and whether you want them turned on or not by default. Nodes can use the same or different AMIs across each node in a cluster.
Q: How do I launch an instance manually?
Each AMI has an AMI ID associated with it. You can use run-instance command to start the instance by providing this ID. Running this command returns an instance-id value that can be used to manage this instance.
Q: How do I manage the instances on AWS Snowball Edge?
You can check the status of all the images that are installed on the device using the describe-images command. To see the active instances of instances running on the device, you can use the describe-instance-status command.
Q: How do I terminate an existing instance?
You can terminate a running instance using the terminate-instance command.
Q: How are my AMIs protected while in transit?
Snowball Edge encrypts all data, including AMIs, with 256-bit encryption. You manage your encryption keys by using the AWS Key Management Service (KMS). Your keys are never stored on the device and you need both the keys and an unlock code to use the device on-premises. In addition to using a tamper-evident enclosure, Snowball Edge uses industry-standard Trusted Platform Modules (TPM) designed to detect any unauthorized modifications to the hardware, firmware, or software. AWS visually and cryptographically inspects every device for any signs of tampering.
Q: How is software licensing handled with compute instances on AWS Snowball Edge?
You are responsible for licensing any software that you run on your instance. Specifically, for Windows operating systems, you can bring your existing license to the running instances on the device.
Q: In what regions are Snowball Edge available?
Q: Can a Snowball Edge be shipped to an alternate AWS region?
No. Snowball Edge devices are designed to be requested and used within a single AWS region. It may not be requested from one region and returned to another. Snowball Edge devices used for imports or exports from an AWS region in the EU may be used with any of the 28 EU countries. Check the Regional Service Availability pages for the latest information.
Q: Does Snowball Edge encrypt my data?
Snowball Edge encrypts all data with 256-bit encryption. You manage your encryption keys by using the AWS Key Management Service (AWS KMS). Your keys are never stored on the device and all memory is erased when it is disconnected and returned to AWS.
Q: How does Snowball Edge physically secure my data?
In addition to using a tamper-resistant enclosure, Snowball Edge uses industry-standard Trusted Platform Modules (TPM) designed to detect any unauthorized modifications to the hardware, firmware, or software. AWS visually and cryptographically inspects every device for any signs of tampering and to verify that no changes were detected by the TPM.
Q: How does Snowball Edge help digitally secure my data?
Snowball Edge is designed with security in mind for the most sensitive data. All data is encrypted by keys provided by you through AWS Key Management Service (KMS). The keys are not permanently stored on the device and are erased after loss of power. Applications and Lambda functions run in a physically isolated environment and do not have access to storage. Lastly, after your data has been transferred to AWS, your data is erased from the device using standards defined by National Institute of Standards and Technology. Snowball Edge devices are hardened against attack and all configuration files are encrypted and signed with keys that are never present on the device.
Q: Is there a way to easily track my data transfer jobs?
Snowball Edge uses an innovative, E Ink shipping label designed to ensure the device is automatically sent to the correct AWS facility. When you have completed your data transfer job, you can track it by using Amazon SNS generated text messages or emails, and the console.
Import Data with Snowball Edge
Q: How do I transfer my data to the Snowball Edge?
After you have connected and activated the Snowball Edge, you can transfer data from local sources to the device through the S3-compatible endpoint or the NFS file interface, both available on the device. You can also use the Snowball client to copy data. To learn more, please refer to the Snowball Edge documentation.
Q: What do I do when the data has been transferred to the Snowball Edge?
When the data transfer job is complete, the E Ink display on the Snowball Edge automatically updates the return shipping label to indicate the correct AWS facility to ship to. Just drop off the Snowball Edge at the nearest UPS and you're all set. You can track the status of your transfer job through Amazon SNS generated text messages or emails, or directly in the AWS Management Console.
Export Data with Snowball Edge
Q: How quickly can I access my exported data?
We typically start exporting your data within 24 hours of receiving your request, and exporting data can take as long as a week. Once the job is complete and the device is ready, we ship it to you using the shipping options you selected when you created the job.
Workflow Integration Tools
Q: Does the Snowball Edge support API access?
Yes. The Snowball Job Management API provides programmatic access to the job creation and management features of a Snowball or Snowball Edge. It is a simple, standards-based REST web service interface, designed to work with any Internet development environment.
Q: What can I do with the Snowball Job Management API?
The AWS Snowball Job Management API allows partners and customers to build custom integrations to manage the process of requesting Snowballs and communicating job status. The API provides a simple web service interface that you can use to create, list, update, and cancel jobs from anywhere on the web. Using this web service, developers can easily build applications that manage Snowball jobs. To learn more, please refer to AWS Snowball documentation.
Q: What can I do with the S3 Adapter?
The S3 Adapter allows customers to help applications write data from file and non-file sources to S3 buckets on the Snowball or Snowball Edge device. It also includes interfaces to copy data with the same encryption as is available through theSnowball client. To learn more, please refer to the AWS Snowball documentation.
Q: Why would I use the S3 Adapter rather than the Snowball Client?
The Snowball Client is a turnkey tool that makes it easier to copy file-based data to Snowball. Customers who prefer a tighter integration can use the S3 Adapter to easily extend their existing applications and workflows to seamlessly integrate with Snowball.
Q: How is my data secured when I use the S3 Adapter?
The S3 Adapter writes data using the same advanced encryption mechanism that the Snowball Client provides.
Q: Which programming languages does the Snowball S3 Adapter support?
The S3 Adapter communicates over REST which is language-agnostic.