All things Cloud

How to use Kerberos Active Directory authentication with AWS File Gateway SMB shares ?

With security vulnerabilities like CVE-2022-26925 using NTLM would open up relay attacks on the domain controllers (DC), so it is not recommended to use NTLM authentication for Windows clients to remote network shares like File Gateway SMB shares. You can use Kerberos authentication with Active Directory to mitigate the risks with NTLM. To use Kerberos, …

How to use Kerberos Active Directory authentication with AWS File Gateway SMB shares ? Read More »

System Error 5 – Access is Denied on AWS File Gateway SMB share, how to fix?

AWS File Gateway, SMB

When using SMB share with Active Directory authentication on File Gateway, sometimes you may get System Error 5 – Access is Denied. There could be a few reasons why you may get this error. In this article, we will go through couple of them. One of the general reasons you get this error is mismatch …

System Error 5 – Access is Denied on AWS File Gateway SMB share, how to fix? Read More »

How to create AWS File Gateway on EC2 and activate to PrivateLink, and use S3 PrivateLink?

Amazon S3, AWS File Gateway, AWS Storage Gateway - Hybrid Storage, NFS

You can activate a AWS storage gateway to three endpoint types 1) Public 2) VPC 3) FIPS In this post, we will go through the below steps and activate to VPC endpoint using AWS CLI. Interface VPC endpoint provides PrivateLink and enables private access to Storage Gateway and S3 services. In this post, we will …

How to create AWS File Gateway on EC2 and activate to PrivateLink, and use S3 PrivateLink? Read More »

How to resolve chown:operation not permitted error when trying to change UID/GID on AWS File Gateway NFS file share?

AWS File Gateway, AWS Storage Gateway - Hybrid Storage, NFS

When you first create the file share, the default UID/GID for the pre-existing objects in S3 bucket would be 65534:65534 which is nfsnobody:nfsnobody. You may want to change the ownership and assign specific UID/GID for these existing files through file gateway NFS file share. When doing chown to change default UID/GID, you can get operation …

How to resolve chown:operation not permitted error when trying to change UID/GID on AWS File Gateway NFS file share? Read More »

How to mount a S3 File Gateway NFS share on Windows client?

Amazon S3, AWS File Gateway, AWS Storage Gateway - Hybrid Storage, NFS, S3

Before mapping the NFS share, you would need to add NFS client for Windows feature. You can install Client for NFS on Windows either through Server Manager or PowerShell command. Using Server Manager:1) Go to Server Manager and select Add roles and features 2) Select Next in below Before You Begin: 3 . Select Next …

How to mount a S3 File Gateway NFS share on Windows client? Read More »

How to activate AWS Storage Gateway without local port 80 access?

AWS File Gateway, AWS Storage Gateway - Hybrid Storage

After you deploy the VM or the EC2 instance for the storage gateway, you would need to complete the Storage Gateway activation. During the activation process, gateway fetches an activation key and associates that with your AWS account. Previously you would provide the IP address, connect to the gateway and activate the gateway through the …

How to activate AWS Storage Gateway without local port 80 access? Read More »

How to setup CHAP authentication on AWS Volume Gateway volume?

AWS Storage Gateway - Hybrid Storage

While creating a storage gateway cached iSCSI volume, you would want setup CHAP authentication on the volumes. To configure CHAP authentication, you would need to provide Initiator Name, Initiator Secret and Target Secret. You can get the Initiator name from the client Windows ISCSI initiator configuration as shown below. Next, provide any Initiator secret and …

How to setup CHAP authentication on AWS Volume Gateway volume? Read More »

Amazon SES SMTP credentials are not working, how to test SMTP credentials easily?

Amazon SES, SES SMTP

You might be looking to send emails connecting to Amazon SES SMTP endpoints. But, if you run into Authentication Errors and you want to test the credentials, you can try testing openssl following the steps here. If you want, one simple way to test the validity of these SMTP credentials is, to use this website …

Amazon SES SMTP credentials are not working, how to test SMTP credentials easily? Read More »

How to create a Volume Gateway and map an iSCSI volume?

AWS Storage Gateway - Hybrid Storage

I have shown in my other post how to create a File Gateway and map a file share using SMB protocol. If you are looking for block level access and want to take backup of your data to EBS snapshots, you can use volume gateway. Volume gateway offers two types: stored and cached volume gateway. …

How to create a Volume Gateway and map an iSCSI volume? Read More »

I have uploaded files to S3 bucket, but they are not visible on my file gateway file share, why?

AWS Storage Gateway - Hybrid Storage

In my previous post, we went through the process of creating and activating a file gateway. Then, created a SMB share enabling guest authentication. Mapped that SMB share and uploaded files to mapped drive which are transferred to S3 bucket. But, what if I upload files directly to S3 bucket, will they be available on …

I have uploaded files to S3 bucket, but they are not visible on my file gateway file share, why? Read More »