Getty Images/iStockphoto

AWS adds vaulting, multi-cloud services at Storage Day

The hyperscaler introduced new features and services to AWS including an air-gapped cyber vault service and support for multi-cloud at its annual storage event.

The latest storage updates from AWS aim to streamline using its services in multi-cloud storage environments and add to the capabilities of its cyber-recovery tools.

Highlights from the vendor's Storage Day 2023 Wednesday include a new logically air-gapped cyber vault managed service, performance improvements to AWS storage services and support for more diverse multi-cloud environments.

The updates, particularly support for storage services in competing clouds, show AWS' continued interest in remaining the infrastructure backbone for enterprises either migrating to the cloud or reevaluating cloud expenses, said Dave McCarthy, research vice president at IDC.

AWS wants to maintain its lead in the infrastructure market regardless of the workload.
Dave McCarthyResearch vice president, IDC

"AWS wants to maintain its lead in the infrastructure market regardless of the workload," he said. "However, many customers are generating data outside of AWS environments and must decide whether to keep that data where it is or migrate it to AWS."

Prime vaulting capabilities

AWS Backup's new logically air-gapped vault provides an extra level of assurance by storing copies of backups encrypted with AWS-owned, undeletable keys and a mandatory vault lock for retention. The standard managed backup vault service allows encryption keys to be owned by the customer or AWS, and the user must opt in to the vault lock feature.

The air-gapped vault can be shared for recovery across accounts and across organizations with direct restore capabilities.

For managed backup service customers, the new vault service, now in preview, is available at no additional cost and requires keeping primary backups in backup vaults at standard AWS pricing.

While the air-gapped vault service is limited to data within AWS, it enables the hyperscaler to directly compete with competitors' backup services such as Cohesity's FortKnox, which uses AWS vaulting technology already, McCarthy said.

"This is good news for AWS customers since it eliminates the need for a third-party solution," he said. "[But] many customers will still require a solution that extends data protection to multiple clouds."

Multi-cloud storage shipping

AWS might continue holding a lead in enterprise adoption over competitors such as Microsoft Azure or Google Cloud Platform, but the hyperscaler isn't completely blind to the multi-cloud demands of customers looking to build data lakes for generative AI, according to Andrew Warfield, vice president and engineer at AWS.

The AWS console for creating managed vault services.
AWS' managed vault services now offers a logically air-gapped option with keys under AWS control.

"We can think of our storage services as a hub that lets you take advantage of all these other services," he said.

AWS DataSync, a file and object data transfer service for on-premises systems and the cloud, has expanded support for cloud storage targets. Customers can now copy data to and from DigitalOcean Spaces, Wasabi cloud storage, Backblaze B2 Cloud Storage, Cloudflare R2 Storage and Oracle Cloud Storage. The service also supports transfers to and from Google Cloud Storage, Azure Files and Azure Blob Storage.

The added interoperability shows the hyperscaler's realization that it isn't the only cloud used in the enterprise, said Ray Lucchesi, president and founder of Silverton Consulting. Third-party vendors, such as IBM or VMware, already offer the flexibility between clouds that AWS now touts, but having AWS services available in multi-cloud environments is a net positive.

"[AWS] seems to be beginning to understand they aren't the only game in town anymore and they need to play well [with others] in order to gain even more traction in the enterprise," Lucchesi said.

Users should also remain aware that nothing is free, as each provider might charge for data movement, said Dave Raffo, an analyst at Futurum Group.

"Customers need to keep in mind that they will often pay egress fees for moving these files between clouds," he said.

Customers interested in keeping their cloud file data within AWS using Amazon FSx for OpenZFS can now choose a multiple AWS Availability Zone deployment option. The feature enables a file storage system to exist across multiple AWS data centers for increased uptime and access points.

Mountpoint for Amazon S3, previewed earlier this year, is now generally available. Mountpoint for Amazon S3 is an open source file client that lets customers access Amazon S3 buckets and object storage using file storage APIs. Object storage in AWS and other clouds is typically priced lower than file storage services.

AWS also unveiled the new file release capability for Amazon FSx for Lustre, which enables customers of the high-performance file data service to release files into colder and cheaper Amazon S3 storage tiers using specific criteria and policies for later retrieval.

Tim McCarthy is a journalist from the Merrimack Valley of Massachusetts. He covers cloud and data storage news.

Dig Deeper on Cloud storage

Disaster Recovery
Data Backup
Data Center
and ESG