Getting Started with Amazon Storage Gateway - Amazon Storage Gateway
Sign up for Amazon Web ServicesCreate an IAM user with administrator privilegesAccessing Amazon Storage GatewayAmazon Web Services Regions that support Storage Gateway
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon FSx File Gateway documentation has been moved to What is Amazon FSx File Gateway?

Volume Gateway documentation has been moved to What is Volume Gateway?

Tape Gateway documentation has been moved to What is Tape Gateway?

Getting Started with Amazon Storage Gateway

This section provides instructions for getting started with Amazon. You need an Amazon account before you can start using Amazon Storage Gateway. You can use an existing Amazon account, or sign up for a new account. You also need an IAM user in your Amazon account that belongs to a group with the necessary administrative permissions to perform Storage Gateway tasks. Users with the appropriate privileges can access the Storage Gateway console and Storage Gateway API to perform gateway deployment, configuration, and maintenance tasks. If you are a first-time user, we recommend that you review the Supported Amazon regions and File Gateway setup requirements sections before you being working with Storage Gateway. For more information, see the following topics:

Sign up for Amazon Web Services

An Amazon Web Services account is a fundamental requirement for accessing Amazon services. Your Amazon Web Services account is the basic container for all of the Amazon resources you create as an Amazon user. Your Amazon Web Services account is also the basic security boundary for your Amazon resources. Any resources that you create in your account are available to users who have credentials for the account. Before you can start using Amazon Storage Gateway, you need to sign up for an Amazon Web Services account.

If you do not have an Amazon Web Services account, use the following procedure to create one.

To sign up for Amazon Web Services

  1. Open http://www.amazonaws.cn/ and choose Sign Up.

  2. Follow the on-screen instructions.

We also recommend that you require your users to use temporary credentials when accessing Amazon. To provide temporary credentials, you can use federation and an identity provider, such as Amazon IAM Identity Center. If your company already uses an identity provider, you can use it with federation to simplify how you provide access to the resources in your Amazon account.

Create an IAM user with administrator privileges

After you create your Amazon account, use the following steps to create an Amazon Identity and Access Management (IAM) user for yourself, and then add that user to a group that has administrative permissions. For more information about using the Amazon Identity and Access Management service to control access to Storage Gateway resources, see Identity and access management for Amazon Storage Gateway.

Secure IAM users

After you sign up for an Amazon Web Services account, safeguard your administrative user by turning on multi-factor authentication (MFA). For instructions, see Enable a virtual MFA device for an IAM user (console) in the IAM User Guide.

To give other users access to your Amazon Web Services account resources, create IAM users. To secure your IAM users, turn on MFA and only give the IAM users the permissions needed to perform their tasks.

For more information about creating and securing IAM users, see the following topics in the IAM User Guide:

Warning

IAM users have long-term credentials which present a security risk. To help mitigate this risk, we recommend that you provide these users with only the permissions they require to perform the task and that you remove these users when they are no longer needed.

Accessing Amazon Storage Gateway

You can use the Amazon Storage Gateway console to perform various gateway configuration and management tasks. The Getting Started section and various other sections of this guide use the console to illustrate gateway functionality.

Additionally, you can use the Amazon Storage Gateway API to programmatically configure and manage your gateways. For more information about the API, see API Reference for Storage Gateway.

You can also use the Amazon SDKs to develop applications that interact with Storage Gateway. The Amazon SDKs for Java, .NET, and PHP wrap the underlying Storage Gateway API to simplify your programming tasks. For information about downloading the SDK libraries, see the Amazon Developer Center.

For information about pricing, see Amazon Storage Gateway pricing.

Amazon Web Services Regions that support Storage Gateway

An Amazon Web Services Region is a physical location in the world where Amazon has multiple Availability Zones. Availability Zones consist of one or more discrete Amazon data centers, each with redundant power, networking, and connectivity, housed in separate facilities. This means that each Amazon Web Services Region is physically isolated and independent of the other Regions. Regions provide fault tolerance, stability, and resilience, and can also reduce latency. The resources that you create in one Region do not exist in any other Region unless you explicitly use a replication feature offered by an Amazon service. For example, Amazon S3 and Amazon EC2 support cross-Region replication. Some services, such as Amazon Identity and Access Management, do not have Regional resources. You can launch Amazon resources in locations that meet your business requirements. For example, you might want to launch Amazon EC2 instances to host your Amazon Storage Gateway appliances in an Amazon Web Services Region in Europe to be closer to your European users, or to meet legal requirements. Your Amazon Web Services account determines which of the Regions supported by a specific service are available for you to use.