A Comparison between AWS S3 Infrequent Access and Azure Cool Blob Storage
Amazon web services (AWS) and Microsoft Azure have introduced their tier of object storage, particularly directed at protecting stored data. AWS S3 Infrequent Access (S3-IA) and Azure Cool Blob Storage (CBS) are the new lower frequency access cloud storage tiers.
Since StoneFly provides backup for on-premise servers, cloud servers and other endpoints to Azure cloud and Amazon AWS cloud, we are offering a comparison of these object storage tiers.
Both AWS S3-IA and Azure CBS are best for lower frequency access where performance and latency are important. They have the best prices for storage but they charge more for access. This makes them ideal for long term media storage, backup and disaster recovery. In the following, we will look into the features of AWS S3-IA and Azure CBS and see how they compare on the following aspects: Granularity, Availability, Performance, Scalability, Security, Regional Availability, Changing Access Tier, Quirks and Considerations, and Pricing.
Granularity or graininess is the quality of being grainy or in other words, how detailed a certain thing is. In terms of AWS and Azure, it pertains to their storage and processing of data and information. Both AWS S3-IA and Azure CBS permit the user to set some information to lower access frequency while some to normal frequency. However, the granularity at which you can set it varies.
Azure Cool Blob Storage
Storage Tier Setting
AWS has an “object” oriented storage tier setting while Azure has a “Storage account” oriented storage tier setting. In other words, in AWS an object can be set to use S3 or S3-IA while in Azure an entire storage account must be set to use Cool or Hot storage blobs. This implies that Azure doesn’t treat individual blobs (or objects) rather the entire storage account containing the blobs is set to cool (for low-frequency access).
Note: Changing access frequencies does incur costs for both Azure and AWS
Azure and AWS provide their customers with a Service license agreement (SLA) for when the service is not available. This SLA provides billing credit when the service is not available beyond a certain threshold in a given month. In comparison to the SLA offered for the higher frequency access, this SLA is lower; this is also the reason why they are able to offer lower prices.
|AWS S3-IA||Azure Cool Blob Storage|
|10% service credit||Less than 99%||Less than 99.0% read/write LRS*, ZRS**, GRS***, RA-GRS
& less than 99.9% read with RA-GRS
|25% service credit||Less than 98%||Less than 98%|
LRS: Locally Redundant Storage ZRS: Zone Redundant Storage GRS: Geo Redundant Storage
Both AWS S3-IA and Azure Cool Blob Storage offer 10% billing credit for less than 99% availability and 25% billing credit for less than 98% availability. However, Azure Cool Blob Storage sets the bar higher for their 10% billing credit, offering it for less than 99.9% availability for their Read Access Geo Redundant Storage (RA-GRS).
In terms of latency and bandwidth, both Azure Cool Blob Storage and AWS S3-IA are similar to the higher access frequency tier. However, Amazon has not released the performance targets for AWS S3-IA, and Microsoft has released some performance details for Azure Cool Blob Storage:
- For a single blob: Up to 60 MegaBytes (MBs) per second, or up to 500 requests per second.
- Total request rate per storage account: Up to 20,000 IOPS at 1KiloByte (KB) block size.
- LRS: 20 Gigabytes (GBs) per second ingress, 30 GBs per second egress per account.
- GRS: 10 GBs per second ingress, 20 GBs per second egress per account.
Both AWS S3-IA and Azure Cool Blob Storage appear to be scalable as the higher frequency tier. The maximum possible scalability of AWS S3 and Azure Hot Blob storage is as follows:
Note: Azure’s limit of 100 accounts is a soft limit and can change if you request it.
The security of AWS S3-IA and Azure Cool blob storage is equivalent to their higher access frequency counterparts. Let’s see how the two compare:
|AWS S3||Azure Blob Storage|
|Data Pre-flight||Client side encryption library||Client side encryption library|
|Data in flight||TLS||TLS|
|Data post flight||Server side encryption (AES-256)||Not available (in preview)|
|Key Management||S3 managed, Key management system or customer provided.||Key Vault or customer provided.|
Azure’s encryption of data post flight is still in the preview phase, however, AWS is already providing a reliable server side encryption. All other services provided are nearly the same.
AWS S3-IA is available in all AWS regions. A more clear understanding can be deduced using this following map:
Similarly, Azure’s Cool Blob Storage (CBS) is available in the regions where Blob storage is available (more than half of the Azure regions). Current regions where Azure CBS is available:
Changing Access Tier
Changing Access Tier implies switching between higher access frequency tier and lower access frequency tier. Both AWS and Azure permit these changes but the user is charged for those changes (depending on the change). Let’s take a look at what is charged and what is free:
|AWS S3-IA||Azure Cool Blob Storage|
|Changing Access tier to Lower access frequency||Yes: S3 Standard, S3 Reduced Redundancy
Fee per request
|Yes: Hot Blob storage account
No: General purpose storage account
|Changing Access tier from Lower access frequency||You can change class to standard or reduced redundancy. However, you will have to copy the data. Direct transition is not possible.||The change is possible; however, it will be charged the same as reading all data in the storage account.|
Changing the access tier in AWS from S3 standard or Reduced Redundancy to S3-IA is possible. The change is charged for and also imposes the condition that the object must have existed in its current state for at least 30 days; otherwise, AWS will charge additional fees. To facilitate the change in access tiers, AWS also offers a migration tool called “Object Lifecycle management”. This tool enables you to set policies for migration of objects from S3 standard S3-IA to Glacier based on time or date. The policies are set at the S3 bucket level.
In Azure, the user can change their hot blob storage account to Cool blob storage account without any charges. The transition from a General purpose storage account to Cool blob storage account is not permitted.
AWS does permit you to change your object from S3-IA to S3 standard or Reduced Redundant storage; however, this transition is not done directly. You have to place a S3-IA copy request and S3-IA data retrieval, doing so incurs charges. It is also possible to change from S3-IA to Glacier.
In Azure you can change the frequency tier of an account from Cool Blob Storage to Hot Blob storage, this too incurs charges. The change is applied to the entire storage account and all objects within it. You are charged as reading the entire data in the storage account.
Quirks & Considerations
Every software, hardware and technology has its quirks and it helps to know about them before investing in them. AWS S3-IA and Azure Cool Blob storage are no exception.
|AWS S3-IA||Azure Cool Blob Storage|
|Backup Quirks||All EC2 snapshots go to S3 standard, not to S3-IA.||Not integrated with Azure backup vault currently|
|Object Size||Minimum 128 KiloBytes (KBs)|
With AWS S3-IA, all EC2 snapshots go to S3 standard first. Where they have to remain for 30 days unless you choose to move them before that in which case you have to pay extra. Another AWS has a minimum object size of 128 KBs. So your object size has to be at least that much, all sizes smaller than 128 KBs are charged the same as 128 KBs for cloud backup.
Azure Cool Blob Storage is currently not integrated with Azure backup vault. However, there are third party service providers who are already providing these services. At this time though, not even the Azure classic deployment model (System Center Data Protection Manager, Azure backup and Azure site recovery) is also not integrated with Azure Cool Blob Storage.
Note: it is recommended that you consult Amazon or Microsoft for pricing, as price structures can change from time to time and from one region to the other.
|AWS S3-IA||Azure CBS LRS||Azure CBS GRS and RA-GRS|
|Amount of Data Stored||$0.0125 per GB per month
<30 days: Pro-rated storage charge.
|$0.01 per GB per month||GRS $0.02 per GB per month
RA-GRS $0.025 per GB per mo.
|Data write||$0.000 (free)||$0.0025 per GB||$0.005 per GB|
|Data retrieval||$0.01 per GB||$0.01 per GB||$0.01 per GB|
|Transfer IN to cloud||$0.000 (free)||$0.000 (free)||$0.000 (free)|
|Transfer OUT to Internet||Same as AWS S3 Standard (max: $0.09 per GB)||Same as hot storage account (max: $0.087 per GB)||Same as hot storage account (max: $0.087 per GB)|
|Transfer TO another region||Same as AWS S3 Standard ($0.020 per GB)||Same as transfer out to internet||Same as transfer out to internet|
|Geo-Replication Data Transfer||N/A||N/A||$0.020 per GB|
|POST (AWS) / Create (Azure)||$0.10 p10kr||$0.10 p10kr||$0.20 p10kr|
|COPY||$0.10 p10kr||$0.01 p10kr||$0.01 p10kr|
|LIST||$0.01 p10kr||$0.10 p10kr||$0.20 p10kr|
|GET||$0.01 p10kr||$0.01 p10kr||$0.01 p10kr|
|DELETE||$0.000 (free)||$0.000 (free)||$0.000 (free)|
|Other requests||$0.01 p10kr||$0.01 p10kr||$0.01 p10kr|
|Lifecycle transition requests||$0.10 p10kr||N/A||N/A|
The term “p10kr” is an abbreviation for “per 10,000 requests”. For easier comparison, pricing is normalized to 10,000 requests.
Both AWS S3 Infrequent access (or lower access frequency tier) and Azure Cool blob Storage are storage tiers that are suitable for cloud backup. It’s the kind of storage where you can store a lot of data that you don’t want to access a lot but when you do want to access it, you don’t want to wait. They both additionally lower the low costs conventionally charged for object storage. So, both of them are good options to reduce backup costs.
The difference between AWS and Azure is that AWS enables you to set the access frequency tier for each object, whereas Azure requires all objects in a storage account. So if you intend to use Azure cool blob storage through the StoneFly cloud connect for backup, it would be a good decision to have dedicated Cool Blob storage independent of the primary storage.
In terms of Availability SLAs, both Azure and AWS are very similar with Azure RA-GRS read requests having an additional 0.9% advantage.
Performance and scalability of AWS S3-IA and Azure CBS are equivalent to their high-frequency access counterparts. This is great news for short backup windows and rapid restores, especially when you need them.
In terms of encryption, both AWS and Azure offer encryption and key management for data pre-flight and in-flight. However, Azure is a bit behind in not offering post-flight encryption.
For the regions, AWS S3-IA is available in all AWS regions whereas Azure CBS is only available in more than half of the Azure regions.
Both AWS and Azure allow the transition from the higher frequency tier to the lower frequency access tier. AWS charges for that per object while Azure does that for free. A good thing about AWS is that it offers an automatic lifecycle management tool.
If we are to conclude the price differences between AWS S3-IA and Azure CBS, that would have to be discussed on a case by case basis. However, both AWS S3-IA and Azure CBS lower the backup costs by using their object storage. StoneFly customers should consider which public cloud service offers the right functionality and cost for their backup target and long term retention needs.