I am planning to move few TB of data from on-prem NFS share to S3 Glacier Deep archive. There will be new data ~50GB ready for archive every day.
1. Data needs to be encrypted while on transit and rest; going into S3 and going out of S3.
2. Data needs to be transferred on a specific period of the day.
3. Retrieval of the data needs to be as simple as possible.
I want to get your view on how you would design the solution. Please feel free to ask me any query that you might have.
I will be sharing how I have come up with my design.
You might look at File Gateway. You can setup specific times for sync and it does the sync to S3 via an encrypted means. You can then use an S3 storage rule to archive to Glacier. Maybe on-prem, you could use rsync or some other tool to sync the NFS share over to the NFS share published on the File Gateway or maybe just replace the NFS share with the File Gateway share directly.
You can read about it here: https://docs.aws.amazon.com/storagegateway/latest/userguide/WhatIsStorageGateway.html