Cloud Glossary

The AWS account ID is a 12-digit number, such as 123456789012, that you use to construct Amazon Resource Names (ARNs). When you refer to resources, such as an IAM user or an Amazon Glacier vault, the account ID distinguishes your resources from resources in other AWS accounts.

In order to get Application-Consistent snapshots also known as Application Consistent backups on Windows devices you need to install the N2WS Thin Agent. When comes the time to take a snapshots N2WS will alert the agent which will then freeze the application (mainly databases) for a fraction of a second and include any pending transaction not yet committed to the Volume (drive) in order to get a 100% backup.

Amazon Elastic Compute Cloud

Amazon EC2 is a web service that enables you to launch and manage Linux/UNIX and Windows server instances in AWS Cloud.

Amazon Elastic File System

Amazon EFS provides simple, scalable file storage for use with Amazon EC2 instances in the AWS Cloud. Amazon EFS is easy to use and offers a simple interface that allows you to create and configure file systems quickly and easily. With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage they need, when they need it.

AWS Key Management Service (Amazon KMS)

An Amazon managed service that simplifies the creation and control of encryption keys that are used to encrypt data. N2WS utilizes the keys created by Amazon KMS to keep data in an encrypted state across regions and accounts. At no point in time is the user data in an unencrypted state.

Amazon Relational Database Service (Amazon RDS)

Amazon RDS is a service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks.

Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud. With Amazon Redshift you can analyze your data using your existing business intelligence tools.

Amazon Simple Storage Service (Amazon S3)

Amazon S3 is storage for the Internet. You can use it to store and retrieve any amount of data, at any time, from anywhere on the web.

A secure, durable, and low-cost storage service for data archiving and long-term backup. You can reliably store large or small amounts of data for significantly less than on-premises solutions. Amazon Glacier is optimized for infrequently accessed data, where a retrieval time of several hours is suitable.

Amazon Simple Storage Service Infrequent Access

S3IA is a lower-cost Amazon S3 storage class for data that is accessed less frequently. Amazon S3 Standard – Infrequent.

Amazon Simple Notification Service (SNS)

Amazon SNS is a notification service provided as part of Amazon Web Services. It provides a low-cost infrastructure for the mass delivery of messages. These messages can be configured to be delivered via email, SMS or even HTML (fed into 3rd party tools). The system is usually referred to as a pub/sub system. You “publish” messages and your “subscribers” will receive it.

An Amazon Machine Image (AMI) is an encrypted machine image stored in Amazon Elastic Block Store (Amazon EBS) or Amazon Simple Storage Service (Amazon S3). AMIs are like a template of a computer’s root drive. They contain the operating system and can also include software and layers of your application, such as database servers, middleware, web servers, and so on.

N2WS Backup & Recovery is an AMI that you download from AWS Marketplace.

AWS Snapshots are “Crash-consistent” by default. This means that when you back up an EC2 instance at a certain time, and later want to restore this instance from backup, it will start the same as a machine that had its power cord pulled out (i.e. booting after a power outage). The file system and any other applications (i.e. a database) using EBS volumes were not prepared or even aware that a backup was taking place, so they may have been in the middle of an operation or transaction and these will be lost. In order remediate to this problem you need Application-Consistent backups (which freeze operations and include transactions in the backup session from the RAM).

Amazon Resource Name (ARN)

(Usually pronounced “arn”)

A standardized way to refer to an AWS resource. For example:

arn:aws:iam::123456789012:user/ division_abc/subdivision_xyz/Bob

Objects in AWS have an ARN to which they can be referred. In context with N2WS, we need ARNs to define which Amazon SNS to use for notifications and alerts.

Amazon Aurora is a fully managed MySQL-compatible relational database engine that combines the speed and availability of commercial databases with the simplicity and cost-effectiveness of open source databases —and it’s VERY fast (about 10 times as fast as Microsoft SQL). Amazon is trying to get more acceptance for the product, due to the fact that it is more expensive. However, Aurora is fully compatible with existing tools. Side note: PostgreSQL is usually pronounced “Postgres” (you simply drop the QL).

Automatic retention refers to the AWS feature which automatically deletes old backup snapshots based on a policy.

Amazon Command Line Interface (AWS CLI)

A unified downloadable and configurable tool for managing AWS services. Control multiple AWS services from the command line.

Each AWS Region is a separate geographic area. Each AWS Region has multiple, isolated locations known as Availability Zones. Resources aren’t replicated across AWS Regions unless you do so specifically.

In N2WS, backups are driven by Policy and Schedule. Once you have setup your Schedule and Policies, the backup session will start automatically for your Amazon EC2 instances, EBS volumes, RDS and Redshift.

In the Backup Monitor, you’ll see all your backup sessions organized by chronological order. You can filter by AWS account, Backup Policies, and Backup Status. For each backup, you can see the start and end times, policy, status and DR status. All operations regarding a backup are present in the Backup Monitor tab of the N2WS dashboard.

Block-level storage is a concept in cloud-hosted data persistence where cloud services emulate the behavior of a traditional block device, such as a physical hard drive. It is a form of Network Attached Storage (NAS). Storage is organized as blocks.

Amazon CloudWatch is an Amazon web service that enables you to monitor and manage various metrics, and configure alarm actions based on data from those metrics. CloudWatch feeds the stream of events into Lambda functions and Amazon SNS. N2WS Backup & Recovery doesn’t require CloudWatch. We communicate with Amazon SNS directly.

A container image is a lightweight, stand-alone, executable software package that includes everything needed to run it: code, run-time, system tools, system libraries, and settings. Available for both Linux and Windows based apps, containerized software will always run the same, regardless of the environment. Containers isolate software from its surroundings, for example differences between development and staging environments and help reduce conflicts between teams running different software on the same infrastructure.

A disaster recovery (DR) solution allows you to recover your data and servers in case of a disaster. A “disaster” doesn’t necessarily mean a horrible man-made or natural disaster, although you’ll want to be prepared for that as well. DR will also help you recover your data in case of an outage or malfunction, or for any other reason. With N2WS Backup & Recovery you can automatically create a DR backup in another AWS Region (Cross Region DR) or in another AWS Account (Cross Account DR) —or both, for the ultimate in data protection.

Amazon DynamoDB

Amazon DynamoDB is a very fast and scalable NoSQL database service, employed by over 100,000 AWS users —notably including Samsung, Toyota, and Airbnb. “DynamoDB can handle more than 10 trillion requests per day and support peaks of more than 20 million requests per second.”

With N2WS, you can backup and recover Amazon DynamoDB tables across regions and accounts.

Amazon Elastic Block Store (AmazonEBS)

Amazon EBS provides persistent block storage volumes for use with Amazon EC2 instances in the AWS Cloud. Each Amazon EBS volume is automatically replicated within its Availability Zone to protect you from component failure, offering high availability and durability.

Encryption is the process of converting data to an unrecognizable or “encrypted” form. It is commonly used to protect sensitive information so that only authorized parties can view it. This includes files and storage devices, as well as data transferred over wireless networks and the Internet.

File-level restore allows you to recover a single image file or database file rather than an entire volume or instance. File-level recovery can also be beneficial if you only want to validate that the volume you are interested in recovering actually contains the files you need to restore. Another good use case for file-level recovery is when you need to access the file level of your environment in order to recover a specific database or log file and use it to quickly recover a running database.

Backups belonging to a policy eventually get deleted. Every policy has its number of generations, and the retention management process automatically deletes older backups. If you wish to keep a backup indefinitely and make sure it is not deleted, move it to the freezer. For example you can once you’ve setup a server and its applications, you could take a first backup session and freeze it, in this way whenever needed your recover the original server the way it was before being used like for testing purpose.

AWS Identity and Access Management (IAM)

AWS Identity and Access Management (IAM) is a web service that enables AWS customers to manage users and user permissions within AWS.

An “instance” is the general name for a copy of an AMI running as a virtual service in the AWS cloud.

JavaScript Object Notation or JSON

JSON is an open-standard file format that uses human-readable text to transmit data objects consisting of attribute–value pairs and array data types. It is a very common data format which serves as a replacement for XML. JSON is a language-independent data format. It was derived from JavaScript, but as of 2017 many programming languages include code to generate and parse JSON-format data. The official Internet media type for JSON is application/json. JSON filenames use the extension .json. We provide a JSON file which defines all the permissions necessary for N2WS Backup & Recovery to function properly.

In N2WS, managed users are the ones you want to look after. They are users who can log in and manage their backup environment like independent users, BUT the root/admin user can also do it for them. The root user can perform all operations for managed users: add, remove and edit accounts, manage backup policies, view backups & perform recovery. Furthermore, the root user can receive alerts and notifications on behalf of managed users, although manage users can also define notifications and get them directly.

Persistent Data refers to information that is infrequently accessed and not likely to be modified. The opposite of this is dynamic data (also known as transactional data) where information is asynchronously changed as further updates to the information become available.

Policy in AWS refers to a document defining permissions that apply to a user, group, or role; the permissions in turn determine what users can do in AWS. A policy typically allows access to specific actions and can optionally grant that the actions are allowed for specific resources like EC2 instances, Amazon S3 Buckets, and so on. Policies can also explicitly deny access.

Policies are the main objects defining backups. With a policy you define what to backup ( EC2 instances, EBS volumes, RDS/Redshift), how to back it up, the backup sessions retention period, and (by associating schedules) when to perform backup. Once you have created a backup Policy you can associate a Schedule and add the resources you want backup (i.e. an EC2 Instance).

A private key is a tiny bit of code that is paired with a public key to set off algorithms for text encryption and decryption. It is created as part of public key cryptography during asymmetric-key encryption and used to decrypt and transform a message to a readable format. … A private key is also known as a secret key.

To quiesce in AWS means to pause or alter a device or application to achieve a consistent state, usually in preparation for a backup or other maintenance.

The Recovery Monitor tab in your N2WS dashboard will contain records for all recovery operations. Each recovery record will contain a time stamp of the recovery operation, the backup is wads recovered from and additional information. Recovery records are automatically deleted as the backups are.

The Reports tab in your N2WS Backup & Recovery dashboard will contain records for all recovery operations. Each recovery record will contain a time stamp of the recovery operation, the backup it was recovered from, and additional information. Recovery records are automatically deleted as the backups are. N2WS also integrates with 3rd party reporting and monitoring software like Datadog and Splunk.

Recovery Point Objective

RPO refers to the amount of data at risk. It’s determined by the amount of time between data protection events and reflects the amount of data that potentially could be lost during a disaster recovery. The metric is an indication of the amount of data at risk of being lost.

Recovery Time Objective

Recovery Time Objective (RTO) is the targeted duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity.

Schedules are the objects defining when to perform backup. Schedules are defined separately from policies. A schedule can be associated with several policies. Multiple schedules can be associated with the same policy.

When it comes to Linux instances you don’t even have to install an agent, the same effect is achieved by using Pre/Post backup scripts which you can enable in the backup Policy (Policy “more option” section).

Secret Keys are saved in the database in an encrypted format – not accessible from outside the application – as an extra safety measure.

When referring to Amazon Elastic Block Store (Amazon EBS): A snapshot is a backup of your volumes that is stored in Amazon S3. You can use these snapshots as the starting point for new Amazon EBS volumes or to protect your data for long-term durability.

Snapshot Vaulting allows protecting the target account against wrongful snapshot deletion and allows recovering EC2 instances and EBS volumes across accounts. A Snapshot Vault is created when you combine cross-account and cross-region backup to create a “vault” that is extra secure.

Secure Socket Shell (SSH) is a network protocol that provides administrators with a secure way to access a remote computer. SSH also refers to the suite of utilities that implement the protocol.

Secure Sockets Layer (SSL) Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser.

To automate backup management for a resource (i.e. an EC2 instance), you can add a tag to that resource named “cpm backup” (lower case). N2WS Backup & Recovery will identify this tag and parse its content. In this tag (tag value) you will be able to specify whether to remove this resource from all backup policies, whether to add it to a policy or list of policies, and whether to create a new policy, based on an existing one (template), and then add the resource to it. So basically you tag resources to be backed up without having to go into your N2WS dashboard.

A volume is a fixed amount of storage on an instance. You can share volume data between containers and persist the data on the container instance when the containers are no longer running.

Volume Shadow Copy Service

VSS operates at the block level of the file system and enables virtual server backup in Microsoft environments.