Creating a Gateway - Amazon Storage Gateway
Set up a Tape GatewayConnect your Tape Gateway to AmazonReview settings and activate your Tape GatewayConfigure your Tape Gateway
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon S3 File Gateway documentation has been moved to What is Amazon S3 File Gateway?

Amazon FSx File Gateway documentation has been moved to What is Amazon FSx File Gateway?

Volume Gateway documentation has been moved to What is Volume Gateway?

Creating a Gateway

In this section, you can find instructions on how to download, deploy, and activate a standard Tape Gateway.

Set up a Tape Gateway

To set up a new Tape Gateway

  1. Open the Amazon Web Services Management Console at https://console.amazonaws.cn/storagegateway/home/, and choose the Amazon Web Services Region where you want to create your gateway.

  2. Choose Create gateway to open the Set up gateway page.

  3. In the Gateway settings section, do the following:

    1. For Gateway name, enter a name for your gateway. You can search for this name to find your gateway on list pages in the Storage Gateway console.

    2. For Gateway time zone, choose the local time zone for the part of the world where you want to deploy your gateway.

  4. In the Gateway options section, for Gateway type, choose Tape Gateway.

  5. In the Platform options section, do the following:

    1. For Host platform, choose the platform on which you want to deploy your gateway, then follow the platform-specific instructions displayed on the Storage Gateway console page to set up your host platform. You can choose from the following options:

      • VMware ESXi - Download, deploy, and configure the gateway virtual machine using VMware ESXi.

      • Microsoft Hyper-V - Download, deploy, and configure the gateway virtual machine using Microsoft Hyper-V.

      • Linux KVM - Download, deploy, and configure the gateway virtual machine using Linux KVM.

      • Amazon EC2 - Configure and launch an Amazon EC2 instance to host your gateway. This option is not available for Stored volume gateways.

      • Hardware appliance - Order a dedicated physical hardware appliance from Amazon to host your gateway.

    2. For Confirm set up gateway, select the check box to confirm that you performed the deployment steps for the host platform you chose. This step is not applicable for the Hardware appliance host platform.

  6. In the Backup application settings section, for Backup application, choose the application you want to use to backup your tape data to the virtual tapes associated with your Tape Gateway.

  7. Choose Next to proceed.

Now that your gateway is set up, you need to choose how you want it to connect and communicate with Amazon. For instructions, see Connect your Tape Gateway to Amazon.

Connect your Tape Gateway to Amazon

To connect a new Tape Gateway to Amazon

  1. Complete the procedure described in Set up a Tape Gateway if you have not done so already. When finished, choose Next to open the Connect to Amazon page in the Storage Gateway console.

  2. In the Endpoint options section, for Service endpoint, choose the type of endpoint your gateway will use to communicate with Amazon. You can choose from the following options:

    • Publicly accessible - Your gateway communicates with Amazon over the public internet. If you select this option, use the FIPS enabled endpoint check box to specify whether the connection should comply with Federal Information Processing Standards (FIPS).

      Note

      If you require FIPS 140-2 validated cryptographic modules when accessing Amazon through a command line interface or an API, use a FIPS-compliant endpoint. For more information, see Federal Information Processing Standard (FIPS) 140-2.

      The FIPS service endpoint is only available in some Amazon Regions. For more information, see Storage Gateway endpoints and quotas in the Amazon Web Services General Reference.

    • VPC hosted - Your gateway communicates with Amazon through a private connection with your VPC, allowing you to control your network settings. If you select this option, you must specify an existing VPC endpoint by choosing its VPC endpoint ID from the drop-down menu, or by providing its VPC endpoint DNS name or IP address.

  3. In the Gateway connection options section, for Connection options, choose how to identify your gateway to Amazon. You can choose from the following options:

    • IP address - Provide the IP address of your gateway in the corresponding field. This IP address must be public or accessible from within your current network, and you must be able to connect to it from your web browser.

      You can obtain the gateway IP address by logging into the gateway's local console from your hypervisor client, or by copying it from your Amazon EC2 instance details page.

    • Activation key - Provide the activation key for your gateway in the corresponding field. You can generate an activation key using the gateway's local console. Choose this option if your gateway's IP address is unavailable.

  4. Choose Next to proceed.

Now that you have chosen how you want your gateway to connect to Amazon, you need to activate the gateway. For instructions, see Review settings and activate your Tape Gateway.

Review settings and activate your Tape Gateway

To activate a new Tape Gateway

  1. Complete the procedures described in the following topics if you have not done so already:

    When finished, choose Next to open the Review and activate page in the Storage Gateway console.

  2. Review the initial gateway details for each section on the page.

  3. If a section contains errors, choose Edit to return to the corresponding settings page and make changes.

    Note

    You cannot modify the gateway options or connection settings after your gateway is activated.

  4. Choose Activate gateway to proceed.

Now that you have activated your gateway, you need to perform first-time configuration to allocate local storage disks and configure logging. For instructions, see Configure your Tape Gateway.

Configure your Tape Gateway

To perform first-time configuration on a new Tape Gateway

  1. Complete the procedures described in the following topics if you have not done so already:

    When finished, choose Next to open the Configure gateway page in the Storage Gateway console.

  2. In the Configure storage section, use the drop-down menus to allocate at least one disk with at least 165 GiB capacity for CACHE STORAGE, and at least one disk with at least 150 GiB capacity for UPLOAD BUFFER. The local disks listed in this section correspond to the physical storage that you provisioned on your host platform.

  3. In the CloudWatch log group section, choose how to set up Amazon CloudWatch Logs to monitor the health of your gateway. You can choose from the following options:

    • Create a new log group - Set up a new log group to monitor your gateway.

    • Use an existing log group - Choose an existing log group from the corresponding drop-down menu.

    • Deactivate logging - Do not use Amazon CloudWatch Logs to monitor your gateway.

  4. In the CloudWatch alarms section, choose how to set up Amazon CloudWatch alarms to notify you when gateway metrics deviate from defined limits. You can choose from the following options:

    • Create Storage Gateway's recommended alarms – Create all recommended CloudWatch alarms automatically when the gateway is created. For more information about recommended alarms, see Understanding CloudWatch alarms.

      Note

      This feature requires CloudWatch policy permissions, which are not automatically granted as part of the preconfigured Storage Gateway full access policy. Make sure your security policy grants the following permissions before you attempt to create recommended CloudWatch alarms:

      • cloudwatch:PutMetricAlarm - create alarms

      • cloudwatch:DisableAlarmActions - turn alarm actions off

      • cloudwatch:EnableAlarmActions - turn alarm actions on

      • cloudwatch:DeleteAlarms - delete alarms

    • Create a custom alarm – Configure a new CloudWatch alarm to notify you about your gateway's metrics. Choose Create alarm to define metrics and specify alarm actions in the Amazon CloudWatch console. For instructions, see Using Amazon CloudWatch alarms in the Amazon CloudWatch User Guide.

    • No alarm – Don't receive CloudWatch notifications about your gateway's metrics.

  5. (Optional) In the Tags section, choose Add new tag, then enter a case-sensitive key-value pair to help you search and filter for your gateway on list pages in the Storage Gateway console. Repeat this step to add as many tags as you need.

  6. Choose Configure to finish creating your gateway.

    To check the status of your new gateway, search for it on the Gateway overview page of the Storage Gateway.

Now that you have created your gateway, you need to create virtual tapes for it to use. For instructions, see Creating Tapes.