AWS Storage Gateway
AWS Storage Gateway — hybrid cloud storage service bridging on-premises environments with AWS cloud storage. Covers gateway types (S3 File, FSx File, Volume, Tape), use cases, and cross-cloud equivalents.
Overview
AWS Storage Gateway is a hybrid cloud storage service that connects on-premises environments to AWS cloud storage. It presents cloud storage as a locally-accessible interface (NFS, SMB, iSCSI) so that existing applications can use AWS storage without code changes.
Key use cases:
- Extend on-premises storage capacity to AWS without replacing existing infrastructure
- Back up on-premises data to AWS cost-effectively
- Migrate data to AWS gradually (hybrid → cloud)
- Disaster Recovery (DR) using cloud storage as a secondary site
Gateway Types
S3 File Gateway
Connects to Amazon S3 via NFS or SMB. Files written through the gateway are stored as S3 objects.
- On-premises applications see a standard POSIX/SMB share
- Files are transparently stored in S3 with their original file path preserved as the object key
- Local cache on the gateway appliance enables low-latency access to recently accessed files
- Supports all S3 storage classes via lifecycle policies
Use Cases:
- Bulk file offload to S3 from on-premises NFS/Windows shares
- Backup target that lands in S3 for lifecycle to Glacier
FSx File Gateway
Connects to Amazon FSx for Windows File Server via SMB.
- Provides a local cache for frequently accessed files; reduces latency for Windows users
- Ideal for consolidating Windows file shares from multiple branch offices into a single FSx file system in AWS
- Supports Active Directory (AD) authentication end-to-end
Use Cases:
- Branch office file storage with central FSx repository
- Replacing aging on-premises Windows file servers with cloud-backed storage
Volume Gateway
Presents on-premises block storage volumes via the iSCSI protocol. Two modes:
| Mode | Description | Best For |
|---|---|---|
| Cached Volumes | Primary data stored in S3; frequently accessed data cached locally. Up to 32 TB per volume. | Large datasets that exceed local storage; need cloud as primary |
| Stored Volumes | Primary data stored locally; asynchronously backed up to S3 as EBS snapshots. Up to 16 TB per volume. | Low-latency local access required with cloud backup |
SAA/SAP Tip: Cached Volumes = primary storage is in AWS (S3), local cache for hot data. Stored Volumes = primary storage is on-premises, cloud is the backup. This distinction appears frequently in scenarios.
Tape Gateway (Virtual Tape Library — VTL)
Presents a virtual tape library via iSCSI. Compatible with existing backup software (Veeam, Veritas Backup Exec, Commvault, etc.).
- Virtual tapes stored in Amazon S3 (immediately retrievable)
- Archived tapes moved to S3 Glacier or S3 Glacier Deep Archive (retrieval in hours–days)
- Eliminates physical tape media, offsite tape shipping, and tape hardware costs
Use Cases:
- Replace physical tape backup with cloud-backed virtual tapes
- Zero-change replacement for existing tape-based backup infrastructure
Exam Trap: Tape Gateway does NOT provide fast restore times. Virtual tapes archived in Glacier Deep Archive take up to 12 hours to retrieve. For fast recovery, use S3-backed snapshots or EBS snapshots instead.
Deployment Options
Storage Gateway runs as a VM appliance or hardware appliance:
| Option | Description |
|---|---|
| VM on-premises | Download and deploy as a VMware ESXi, Microsoft Hyper-V, or KVM virtual machine |
| Amazon EC2 | Deploy as an EC2 instance for cloud-to-cloud hybrid scenarios or testing |
| Hardware appliance | Physical 1U rack server shipped by AWS; for environments without hypervisors (e.g., remote offices) |
SAA/SAP Exam Tips
SAA/SAP Tip: Any scenario involving on-premises → AWS storage integration, hybrid workloads keeping data on-prem with cloud backup, or "extending datacenter storage to AWS" points to AWS Storage Gateway.
SAA/SAP Tip: The four gateway types map to different protocols: - NFS/SMB
- S3 → S3 File Gateway - SMB + FSx → FSx File Gateway - iSCSI block + S3 → Volume Gateway - iSCSI tape + S3/Glacier → Tape Gateway
Exam Trap: Storage Gateway is NOT a migration tool. For large-scale data migration to AWS, use AWS DataSync (online) or AWS Snowball (offline). Storage Gateway is for ongoing hybrid access, not one-time bulk transfer.
Cross-Cloud Equivalents
| Provider | Service / Solution | Notes |
|---|---|---|
| AWS | AWS Storage Gateway | Baseline hybrid cloud storage bridge |
| Azure | Azure File Sync | Primarily Windows SMB focus; syncs on-prem Windows file servers to Azure Files |
| GCP | Storage Transfer Service / NetApp Cloud Volumes | STS for bulk migration; no direct NFS/iSCSI bridge equivalent |
| On-Premises | No equivalent | Storage Gateway's purpose is to connect on-prem to cloud; on-prem has no "cloud" to bridge to |
Pricing Model
- S3 File / FSx File Gateway: per GB of data written and retrieved through the gateway
- Volume Gateway: per GB of storage provisioned in S3 (cached) or EBS snapshot data stored
- Tape Gateway: per GB of virtual tape data stored in S3; per GB archived to Glacier
- Hardware appliance: one-time purchase fee
Related Services / See Also
- Amazon S3 — destination storage for S3 File and Volume Gateways
- Amazon EFS and FSx — fully cloud-native file storage alternatives when migration is complete
- Amazon EBS — Volume Gateway stores EBS snapshots in S3 for restore
- AWS DataSync — automated, fast data migration (not ongoing hybrid storage)
- AWS Snowball — offline petabyte-scale data transfer to AWS
Amazon S3
Amazon Simple Storage Service (S3) — scalable object storage. Covers storage classes, lifecycle policies, security, versioning, replication, and cross-cloud equivalents.
Cost Optimization
AWS cost management — strategies for right-sizing, pricing models, reserved capacity, and tooling to reduce cloud spend without sacrificing performance.