
Imagine that a syndicate of cybercriminals breaks into an enterprise network and gains access to restricted business data. They go straight to manipulating the data, and in a moment, unsuspecting users around the world are using doctored information.
For such cases, snapshots are an ultimate game-changer. A copy of the point-in-time (PIT) data, snapshots prevent previously existing data to be modified or tampered with.
But don’t relax too soon. Snapshots have their limitations as well. For example, they do nothing to protect against data loss caused by a security infiltration, a disaster, or a simple hardware failure. When the storage fails, the snapshots disappear too.
Reimagining Snapshots
Amazon Web Services took this disadvantage and turned it around with the Amazon Elastic Block Store (EBS) Snapshots. During their presentation at the recent Storage Field Day event, AWS presented Amazon EBS Snapshots, a data protection service that makes it possible to revert data loss.
Presenter, Kirill Davydychev, Solutions Architect, explained how EBS snapshots are different from snapshots in traditional storage environments.
“When you take a snapshot in EBS, all of the data in the background is copied to Amazon S3.”
AWS uses service-owned S3 buckets that customers do not have direct access to.
Users can take multi-volume snapshots that are synchronized and crash-consistent. This can be done with one instantaneous API call. Once created, snapshots are then copied to the S3 bucket.
The time to copy depends on the size of the batch. Once the process is complete, snapshots can be restored to another EBS volume.
Snapshot Types
AWS offers two tiers of EBS snapshots – Standard Snapshots and Snapshots Archive, for short and long-term retention. Standard Snapshots are stored incrementally which ensures that customers pay only for the changed blocks.
“You repeat as you take multiple snapshots of your particular volume. Only the changes are synchronized to S3, and they are stored there using what we call chunks. So those chunks can have a different block size to your actual volume block size,” said Mr. Davydychev.

Standard Snapshots are typically used for backup and recovery, application refresh, disaster recovery and ransomware protection use cases. They have a restore time of a few seconds.
The second variety, EBS Snapshots Archive, is best fitted for compliance use cases where customers need to store data for long terms for regulatory reasons. 75% more affordable, it does not offer real-time access to the data. It takes anywhere between 24 to 72 hours to restore the largest set of snapshots.
“When we archive a snapshot, we have to essentially fully hydrated it and store it as a single object in a lower S3 tier.”
Lifecycle Management
EBS Snapshots integrate with Amazon Data Lifecycle Manager (DLM). It is an UI-based scheduler that enables lifecycle management with features like policy-based snapshot creation on hourly to yearly basis, flexible retention, copying and sharing and more.
Users can set up automatic backup scheduling and retention management for a chosen set of volumes. Policy-based deletion on the lifecycle manager allows expired snapshots to be removed automatically.
Deleted snapshots are sent to a Recycle Bin where they are retained for a set period of time before being permanently removed. Quick recovery allows all accidentally deleted files to be restored back to production with a single click or an API call before expiration.
Wrapping Up
Snapshots are an excellent way to meet recovery-point objectives that are measured in minutes or hours. Amazon EBS Snapshots eliminate the risks of single point-of-failure. By copying snapshots to a secure and restricted S3 bucket, it offers a convenient way to backup EBS volumes, and enable disaster recovery at a lower cost.
To know more about Amazon EBS Snapshots, check out AWS’ presentations from the recent Storage Field Day event.

