As with volume and tape gateways, you now have the option to create a file gateway that runs on an EC2 instance. This enables storing and retrieving Amazon S3 objects through standard file storage protocols from within EC2 for in-cloud workloads, application and data migration, and disaster recovery. The management console provides step-by-step instructions and walks you through creating a gateway running in EC2.
For added security on your file shares, you can now configure a list of IP addresses or networks that are allowed to mount the NFS export. This restricts access through the gateway to a set of known clients, and can be used as an alternative to network or firewall rules to control access to data in your S3 buckets. The list of allowed clients can be configured for new and existing file shares using the management console or service API.
These new capabilities are available in an updated VM image downloadable from the management console. For existing file gateways, asoftware update will be applied automatically during your next scheduled weekly maintenance. You can also apply the update manually through themanagement console orservice API.