Join us
@boldlink ・ Jun 17,2022 ・ 6 min read ・ 1455 views
When it comes to Data, we understand that misconfigurations can expose your data to be exposed or exploited against our customers. But if guided in the correct way to use the best solutions on AWS, they can avoid the misconfigurations and pitfalls of having an abundance of choices on AWS.
AWS Shared Responsibility Model, your Data lifecycle access and protection on AWS is yours, the customers, responsibility, thinking otherwise will expose you to unrecoverable data loss or compromise.
Backup of your data can be done through AWS Backup, this service covers Amazon EBS, Amazon FSx, Amazon EC2, Amazon RDS, Amazon DynamoDB, Amazon EFS, and AWS Storage Gateway, the features allow you to manage backup policies, tagging, scheduling, encryption etc.
Cross-region and Cross-account capabilities allow AWS Customers to store their backup data in different AWS Regions and backup across Different AWS accounts natively.
All backup data stored on AWS S3 block storage, AWS S3 SLA’s are 99.999999999% durability and 99.99% availability, automatically, each PUT (write) operation is repeated across different AWS facilities on the same region and if one of these copies becomes corrupted or unavailable a copy will be used to automatically and transparently replace the lost version.
It is worth mentioning that Backups are stored on an “invisible” S3 structure associated with your AWS account to protect your backups further, for example; if a user deletes a bucket by mistake. More information is available here.
We recommend getting familiar with AWS S3 capabilities further since it is a centrepiece of your Data strategy on AWS, for more information, go here.
AWS S3 is an Object Storage type, which means that you use it to keep data for short or long-term storage (analogous to a physical storage warehouse) and retrieve it when needed, but not for real-time read/write storage ex. your laptop or pc hard drive or the AWS EBS volume attached to your AWS EC2 instance.
Redundancy, AWS provides Regions that are intended to be independent geographical areas of Availability Zones, which are different physical data centres within a single region.
When it comes to the redundancy of your storage, you must configure or choose Multi-AZ configuration as a minimum. Still, for the crucial and business-impacting Data, you must also enable data replication options, for example, let us look at three services to show you how you configure and extend their redundancy.
For long-term storage; we must talk about AWS S3 and add AWS Glacier and AWS Snowball. AWS S3 Object storage is your ideal long-term storage from a durability and cost perspective.
It offers different storage types, which allow you to choose between performance and durability vs less durability (two AZs instead of three) and more performance but lower cost, or lower performance with high durability, with AWS S3 Glacier costing a fraction of all other Storage types on AWS.
Both S3 and Glacier allow for lifecycle policies that can be used to manage your Data’s lifecycle automatically, be it in months or years and let us not forget the Object Locking which protects your Data from any accidental or malicious data deletion or tampering.
AWS Snowball is a device delivered to the customers’ facilities and used when talking of large amounts of data to transfer between Customer facilities and AWS Datacenters, the use cases are broad, and the devices were specifically designed to deliver enormous amounts of Data which otherwise would be unpractical or too sensitive to go over the internet.
Encryption, AWS customers have four options of how to encrypt-at-rest their Data on AWS:
In conclusion, if you want to keep versions of your Data, you can use AWS Backup. For long-term storage, you can use a combination of AWS Backup for up to 365 days of historical backups and keep Database Dumps in S3 for two years and AWS S3 Glacier for five years as an example.
Are you concerned with DR and the rise of data ransomware attacks? Take advantage of AWS S3 Cross-Account replication or Object-Lock on a different AWS region.
The extent you can protect your Data on AWS is quite broad and very customisable, still, at the same with many options to make it cost-effective, we hope that this brief introduction on this topic has guided you to understand the power of AWS cloud better.
Check out our page on Boldlink.io or follow us on LinkedIn here for articles like the Gitlab Runner for AWS.
Join other developers and claim your FAUN account now!
AWS DevOps Consultancy, Boldlink
@boldlinkInfluence
Total Hits
Posts
Only registered users can post comments. Please, login or signup.