Consider a research institute that stores backups on S3 Glacier Deep Archive. The backups are maintained in S3 Glacier Deep Archive for redundancy. The institute has multiple researchers with one central IT team. When a researcher requests an object from Glacier Deep Archive, the central IT team retrieves it and charges the corresponding research group for retrieval and data transfer costs.
Researchers are the end-users and do not operate on AWS. They run their computing clusters on-premises and depend on the central IT team to provide them with the restored archive. A member of the research team requesting an object retrieval provides the following information to the central IT team:
- Object key to be restored.
- The number of days the researcher needs the object accessible for download.
- Researcher’s Email Address.
- Retrieve within 12 or 48 hours SLA. This determines whether “Standard” or “Bulk” retrieval respectively.
The following overall architecture explains the setup on AWS and the interaction between a researcher and the central IT team’s architecture.
- The researcher uses a front-end application to request object retrieval from S3 Glacier Deep Archive.
- Amazon API Gateway synchronously invokes AWS Step Functions Express workflow.
- Step Functions initiates RestoreObject from S3 Glacier Deep Archive.
- Step Functions stores the metadata of this retrieval in an Amazon DynamoDB table.
- Step Functions uses Amazon SES to email the researcher about archive retrieval initiation.
- Upon completion, S3 sends the RestoreComplete event to Amazon EventBridge.
- EventBridge rule triggers another Step Function for post-processing after the restore is complete.
- A Lambda function inside the Step Function calculates the estimated cost (retrieval and data transfer out) and updates existing metadata in the DynamoDB table.
- Sync data from DynamoDB table using Amazon Athena Federated Queries to generate reports dashboard in Amazon QuickSight.
- Step Function uses SES to email the researcher with cost details.
- Once the researcher receives an email, the researcher uses the front-end application to call the
/download
API endpoint. - Amazon API Gateway invokes a Lambda function that generates a pre-signed S3 URL of the retrieved object and returns it in the response.
To run the sample application, you need:
- CDK v2
- Node.js
- npm
Clone the repository, then run:
cd cdk/app-glacier-deep-archive-retrieval
To deploy the application, run:
cdk deploy --all
Take the following considerations with the above approach:
- Start the object retrieval in the same region as the region of the archived object.
- S3 Glacier Deep archive only supports standard and bulk retrievals.
- Enable the “Object Restore Completed” event notification on the S3 bucket with the Glacier Deep Archive object.
- The researcher confirms the SES Email subscription for the supplied email address.
- Use a Lambda function for Price List GetProducts API as the service endpoints are available in specific regions.
To clean up the infrastructure, run:
cdk destroy --all