WFH office NAS to AWS?

OneDrive/Dropbox is probably a better solution for my wife’s office, but as a thought experiment, to get her office laptop mounting her familiar NAS volumes from home, what is the AWS answer for this?

Lets assume the current local NAS could be wholly hosted on AWS instead of the office. So no VPN server at the office. Lets assume that there is a mix of Windows and MacOS clients at her office. Files are typically ~100M architecture drawings that multiple people might work on.

What are the steps. S3 sync to s3 and then setup FSx and then setup VPN client on the PCs? Or is it more involved with Active Directory?

Doable but not worth it if they have office 365 already. Would be easier to vpn into the office.

Maybe Storage Gateway?

If you edit the files a lot and they’re big, I wouldn’t use S3. You can only upload new files there. You can’t edit in place.

FSx works well for an AWS-based file server.

I have a VPN server on EC2 (I’m using Pritunl) and clients can easily connect to that and then access the FSx volume as a normal share.

My only real complaint with FSx is that you can’t re-size the volumes so if you ever need more space you’ll need to restore a backup into a new volume and then get everyone reconnected to it.

In a previous life I set up a Synology NAS (backed up to AWS S3 & Azure Storage); Backed by AD (Windows Machines) and LDAP (MacOS).

The S3 and Azure Storage syncing was a breeze. Download a plugin on the Synology and point it at the right volumes. VPN (external access) was a little more painful, but it is certainly do-able.

VPN to the local office NAS would be easier, but lets assume that option is off the table.

I like to consider AWS hosting the data, because then there would be better data durability…

But then the volume mounts which their software is particular about are gone. WorkDocs I suspect means uploading/downloading manually.

I second this, or go with SPO + OD.

Storage gateway gets the files to S3, but then you can’t mount the drive whilst out of the office IIUC.

Why don’t you use the VPN server that AWS provides on the VPC ? (I’m not 100% sure of its name)

Pair this with DFS Namespaces and life is easier.

No, it can mount like google drive. at least it does on mac

It seemed somewhat difficult to set up, and if you have a lot of clients it is absurdly expensive. I had Pritunl set up in under an hour (including setting it up to use G-Suite for user auth) and it’s practically free.

I use the normal VPC site-to-site VPN service a lot but the Client VPN is a no-go at this point.

But EFS is NFS, it won’t be mountable by the Windows machines IIUC, that’s why I mentioned FSx.

I don’t quite understand the difference between site to site versus client VPN. Isn’t it effectively the same?

AWS VPN | Pricing | Amazon Web Services (AWS) is ~5c an hour … I guess a lot of clients… it does add up. But you would need quite a lot.

Fair enough. S3 + Storage Gateway.

Honestly, though… OneDrive… if you have O365.

Or Azure Files. MUCH simpler.

Azure Files that’s your best option or O365 SharePoint with OneDrive sync if your data less than 2-3Tbyte

Agreed OneDrive is simpler to roll out. But to use I feel will force users to make extra steps to download the latest and upload changes… no?

Push it out with GPO. They can edit live in place if it’s in OneDrive. Even collaboratively.

I think that will only likely work on Windows, not MacOS, right?