What is Amazon S3 Glacier?
Amazon S3 Glacier is an extremely low-cost storage service that provides secure and durable storage for data archiving and backup and when data recovery is not frequent. If your application requires fast or frequent access to your data, consider using Amazon S3 rather than S3 Glacier.
In S3 Glacier, you will create a vault which is a container for storing your objects such as photos, videos, or documents. S3 Glacier provides a management console that you can use to upload and download any archive to the vault you created. Amazon S3 Glacier supports three ways of uploading your data object:
- AWS Software Development Kits (SDKs) for Java
- .NET high-level API
- AWS CLI tools installed on a computer
In this blog, we will create a vault, upload an object, and retrieve using a third party upload & download tool called FastGlacier. During this process, we will also enable Amazon Simple Notifications Service (SNS) for sending notifications to you or your application whenever certain S3 Glacier jobs are completed.
Prerequisites for storing archives in a vault in S3 Glacier
- A valid AWS account
- A newly created S3 Glacier Vault
- A computer with archival data installed with FastGlacier software with a Pro license or installed with AWS CLI tools
Creating a vault in S3 Glacier
Step 1: Vault Name
Go to S3 Glacier service using the AWS Management Console or by accessing this link.
If you have not used S3 Glacier earlier, click Getting started, or click Create vault under Amazon S3 Glacier vaults.
Select the region in which you want to create the S3 Glacier vault, and provide a vault name.
Click Next Step to continue.
Step 2: Event notifications
In this step, you can choose to have notifications sent to you or your application about S3 Glacier jobs by using Amazon Simple Notifications Service (SNS).
Here we are enabling notifications, so select the second option – Enable notifications and create a new SNS topic.
Click Next Step to continue.
Step 3: Event notifications details
In this step, configure the SNS topic that you want to send notifications, and what type of jobs you want to trigger notifications.
Provide a topic name and Display name. The Display Name will be used for the From field in Email notification deliveries and appear as a topic identifier in SMS messages.
Here we are selecting both the available jobs to trigger email notifications
- Archive Retrieval Job Complete – When retrieving data from S3 Glacier, you first initiate an archive retrieval job. Selecting Archive Retrieval Job Complete sets the job completion event as a trigger to send an email notification message to the configured SNS topic.
- Vault Inventory Retrieval Job Complete – When retrieving a vault’s inventory from S3 Glacier, you first initiate an inventory retrieval job. Selecting Vault Inventory Retrieval Job Complete sets the job completion event as a trigger to send an email notification message to the configured SNS topic.
Click Next Step to Continue
Step 4: Review
In the final step, review the information you provided, and on the confirmation, click Submit.
After a few minutes, your vault will be ready to store your archive and can be viewed under Amazon S3 Glacier vaults with relevant details.
Note: Inventory the Last update provides the date on which your inventory was last updated in your system’s time zone.
Vault details from the Inventory Last Update:
- Size – The size of your vault at the time of the latest vault inventory
- # of Archives – The number of archives at the time of the latest vault inventory.
- Vault Lock – You can set a Vault Lock policy to enforce compliance controls and automate actions in your S3 Glacier vault.
- Permissions – You can set a Vault Access Policy to manage permissions to your vault in addition to the IAM policies.
Working with Glacier vault
Any archive operations such as upload, download, and deletion can be performed on the objects required to use AWS CLI tools or write code. Since AWS S3 Glacier does not provide any console support for these operations, you must either use the AWS CLI or write code to make requests, using either the REST API directly or by using the AWS SDKs.
For more information on uploading your archive data to the vault using AWS SDKs
Learn the steps to upload using the AWS SDK for Java – Amazon S3 Glacier, by clicking here.
Learn the steps to upload using the AWS SDK for .NET – Amazon S3 Glacier, by clicking here.
For more information on working with CLI commands on S3 Glacier, click here.
If you do not know to program and want an easy drag and drop functionality, you can use third party commercial application(s) which provide a user interface to carry out upload, download and delete operations easily. In this Howto, we are using a third party application called FastGlacier which conveniently does these operations easily by its own interface.
Note that you require a pro license of FastGlacier to run the application for commercial purposes. Before doing archive operation, a user needs to be created in AWS IAM, and the Access Key ID & Secret Access Key for that user to be configured in FastGlacier application.
Creating a user in IAM
Login to AWS console
Select IAM under Security, Identity & Compliance
Under user click Add User with AWS Access type as Programmatic access. This will enable an access key ID & secret access key for configuring AWS API, CLI,SDK tools, and any third party software applications to connect Amazon S3 Glacier.
Install FastGlacier application on the server system, from where you want to archive the data into Glacier. Add a new account for connecting your Amazon S3 Glacier account by providing Account Name, Account Type as Amazon Glacier, Access Key ID and Secret Access Key details for the user created in AWS IAM
Click Add new account. This interface will list all the available AWS S3 Glacier regions, for better performance, select your region where the currently created S3 Glacier vault is located. Now you can upload, download, and delete (all file operations) and create folders.
In case if you don’t require your vault, you can delete the vault any time, after deleting the uploaded archive data. If you are sure your data is not required you can delete the data first and then, you can delete the vault any time, by clicking delete vault corresponding to that vault from the list.
Also if you uploaded/deleted any files to/from the vault over the last 24 hours, please wait until the last inventory updates. This may take up to 24 hours.
You will be asked to confirm for the deletion, click Delete vault
For any organization looking for a low-cost secure storage service, AWS S3 Glacier is the first choice. Though both S3 and Glacier services offer dependable and highly durable storage for the Internet, Amazon S3 was designed for rapid retrieval while Glacier provides cost-effective storage for as little as $0.01 per Gigabyte per month while retrieving data within three to five hours. So, you can choose where to use S3 and Glacier for your backup purposes.
Start your free trial of Vembu Backup for AWS
Vembu BDR Suite offers an agentless and cloud-native backup solution to protect your instances across any AWS account and region while ensuring instant recovery options.
- Backup from any AWS account and region
- Flexible Backup scheduling and retention
- Application-aware processing
- Instance-level and Volume-level Recovery
To learn more about Vembu Backup for AWS, click here.