storageSAA-C03SAP-C02DEA-C01CLF-C02

AWS Snow Family: The Edge-to-Cloud Data Mover

Physical data migration and edge computing appliances for offline, remote, and large-scale data transfer scenarios

Updated 2026-02-21

Overview

AWS Snow Family is a collection of physical devices (Snowcone, Snowball Edge, and Snowmobile) designed to move large amounts of data into and out of AWS when network transfer is impractical due to bandwidth constraints, cost, or time. These ruggedized appliances also support edge computing workloads, allowing you to run EC2 instances and Lambda functions in disconnected or remote environments. AWS manages the secure physical transport, encryption, and data ingestion into S3 or other AWS services on your behalf.

Physically transport massive datasets to AWS (or run compute at the edge) when internet/Direct Connect bandwidth is too slow, too expensive, or unavailable

Use When

Migrating large on-premises datasets (TBs to PBs) to AWS S3 or S3 Glacier when upload would take weeks or months over existing bandwidth
Running compute workloads (EC2, Lambda) at remote or disconnected edge locations such as ships, oil rigs, military bases, or disaster zones
Collecting and pre-processing IoT or sensor data at the edge before periodic shipment to AWS
Disaster recovery data seeding where initial bulk transfer to AWS must happen quickly and cost-effectively
Decommissioning on-premises data centers with a one-time large-scale migration of hundreds of TBs or more

Avoid When

Data under ~10 TB that can be transferred via internet or Direct Connect in a reasonable time — network transfer is simpler and faster for small datasets
Continuous, real-time data replication — Snow Family is optimized for batch transfers, not ongoing streaming; use AWS DataSync, Storage Gateway, or Direct Connect for continuous sync
Database migrations where schema transformation or minimal downtime is required — use AWS DMS (Database Migration Service) instead; Snow Family moves raw data, not live database workloads
Scenarios requiring sub-hour data availability in AWS — physical shipping introduces days of latency by design

Key Features

End-to-end 256-bit AES encryption (KMS-managed)

Encryption is always on; keys never leave AWS KMS; tamper-evident enclosures ensure physical security

Edge Compute (EC2-compatible instances)

Snowball Edge Compute Optimized and Storage Optimized both support EC2 AMIs; Snowcone supports limited EC2

AWS Lambda at the Edge (via Greengrass)

Lambda functions can run locally on Snow devices via AWS IoT Greengrass integration

AWS DataSync pre-installed agent (Snowcone)

Allows online sync to S3/EFS/FSx when intermittent connectivity exists — unique to Snowcone

S3-compatible local storage API

Applications can write to S3-compatible endpoints on the device locally before shipment

NFS mount support

Devices support NFS for easy integration with existing on-premises file systems without application changes

GPU support (Snowball Edge Compute Optimized)

Optional NVIDIA V100 GPU for ML inference, video transcoding, and scientific computing at the edge

Cluster mode (Snowball Edge)

5–10 Snowball Edge devices can be clustered for larger local storage pools and higher durability at edge sites

OpsHub GUI management

AWS OpsHub desktop application provides a graphical interface to manage Snow devices without CLI — exam may reference this for non-technical user scenarios

Tamper-evident and FIPS 140-2 compliant

Devices are physically hardened; relevant for government and compliance-heavy exam scenarios

Automatic data erasure after job completion

AWS erases device data per NIST 800-88 standards after successful import — key for data governance questions

Direct internet connectivity (Snowcone)

Snowcone supports WiFi and can transfer data online via DataSync when network is available

Snowmobile (exabyte-scale)

45-foot ruggedized shipping container transported by semi-truck; GPS tracked, 24/7 security escort, dedicated AWS personnel

Integration Patterns

Bulk Data Import to S3

high freq

AWS Snow FamilyAmazon S3

The primary use case: data is loaded onto Snow device locally, shipped to AWS, and ingested directly into an S3 bucket specified during job creation. S3 is the landing zone for virtually all Snow import jobs.

Hybrid Edge-to-Cloud Sync (Snowcone)

high freq

AWS Snow FamilyAWS DataSync

Snowcone ships with DataSync agent pre-installed. When intermittent connectivity exists, DataSync can sync data directly to S3, EFS, or FSx. When offline, data is collected locally and shipped. This hybrid pattern is a common exam scenario for remote/field data collection.

Encryption Key Management for Snow Devices

high freq

AWS Snow FamilyAWS KMS

All Snow devices use AWS KMS Customer Master Keys (CMKs) to encrypt data. The CMK is specified at job creation and never leaves AWS. The device uses an encrypted manifest to unlock data only within the AWS region — ensuring data is unreadable even if the device is lost in transit.

Complementary Migration Strategy

high freq

AWS Snow FamilyAWS Direct Connect

Snow Family and Direct Connect are often presented as alternatives in exam questions. Direct Connect is for ongoing, high-bandwidth connectivity; Snow Family is for one-time or periodic bulk transfers where the 'time to transfer over network' exceeds the 'time to ship a device'. Use the 'Snow vs. Network' calculation to choose.

Security Monitoring for Edge Deployments

medium freq

AWS Snow FamilyAmazon GuardDuty

GuardDuty can monitor threat intelligence for data being staged for Snow transfer. In edge compute scenarios, GuardDuty findings from the central account can inform security posture for devices operating in the field.

Edge Lambda Execution

medium freq

AWS Snow FamilyAWS IoT Greengrass

AWS IoT Greengrass runs on Snow devices to enable local Lambda function execution, device management, and ML inference at the edge without internet connectivity. Common in IoT and manufacturing exam scenarios.

Archive Data Seeding

medium freq

AWS Snow FamilyAmazon S3 Glacier

Large archival datasets can be imported via Snow devices into S3, then transitioned to S3 Glacier via lifecycle policies. This is the recommended pattern for cold archive migrations from tape or legacy storage.

GUI-Based Device Management

medium freq

AWS Snow FamilyAWS OpsHub

OpsHub desktop application allows non-technical users to manage Snow devices, launch EC2 instances, and monitor storage without AWS CLI. Exam scenarios involving ease-of-use for field technicians often point to OpsHub.

Service Limits & Quotas

LimitValueNote

Snowcone — Usable Storage (HDD)

8 TB HDD

Snowcone also comes in an SSD variant (14 TB usable); do not assume all Snowcones are HDD-only

Snowcone — Usable Storage (SSD)

14 TB SSD

The SSD variant is a newer addition; older study materials may only mention the 8 TB HDD version

Snowball Edge Storage Optimized — Usable Storage (S3-compatible)

80 TB TB usable

Do not confuse with older Snowball (50 TB / 80 TB) devices that have been retired; current Snowball Edge Storage Optimized is the standard

Snowball Edge Compute Optimized — Usable Storage

28 TB TB NVMe SSD usable

Compute Optimized also has 80 TB HDD in addition to 28 TB NVMe SSD — total raw capacity is higher but NVMe is the differentiator

Snowball Edge Compute Optimized — vCPUs

52 vCPUs

52 vCPUs supports significant edge compute; contrast with Snowcone's 2 vCPUs to pick the right device for compute-heavy edge scenarios

Snowcone — vCPUs

2 vCPUs

Snowcone is lightweight compute; not suitable for heavy ML or video workloads — steer toward Snowball Edge Compute Optimized for those

Snowmobile — Capacity

100 PB PB per truck

Multiple Snowmobiles can be used in parallel for exabyte-scale migrations; a single Snowmobile maxes at 100 PB

Snowball Edge — Max job size (single device)

Multiple devices can be ordered per job N/A

You can order multiple Snowball Edge devices for a single migration job to parallelize transfer — important for large migration planning questions

Snowcone — Weight

4.5 lbs (2.1 kg) lbs

Snowcone's portability (fits in a backpack) is a key differentiator for field/military/remote IoT scenarios on the exam

Encryption

256-bit AES encryption, enforced by default N/A

All Snow devices encrypt data at rest by default using AWS KMS-managed keys — encryption cannot be disabled; this is a compliance differentiator

Data Transfer Speed — Snowball Edge

Up to 100 Gbps Gbps (network interface)

100 Gbps network interface on Snowball Edge enables fast local network ingestion; contrast with typical internet upload speeds to justify the device

Snowcone — DataSync agent support

Supported (pre-installed) N/A

Snowcone ships with AWS DataSync agent pre-installed, enabling online data transfer back to AWS when connectivity is available — a unique hybrid capability

Pricing Model

Per-job flat fee (device usage fee) + per-day usage fee after free period + data transfer OUT charges (data IN to AWS is free)

Flat device service fee per job — NOT hourly billing like EC2; this is a critical exam differentiator
Each job includes a free usage period (typically 10 days for Snowball Edge); additional days incur a per-day fee
Data transfer INTO AWS (import jobs) is free; data transfer OUT of AWS (export jobs) incurs standard S3 data transfer pricing
Shipping fees are charged separately and vary by region and shipping speed
Snowmobile pricing is custom/negotiated — contact AWS Sales; not listed on standard pricing pages
No volume discounts like S3 storage tiers — pricing is flat per device per job
Edge compute usage on Snowball Edge (running EC2 instances) incurs additional compute pricing based on instance type

Exam Tips

criticalMigration strategy selection — SAA-C03 and SAP-C02 frequently test this decision

Use the 'bandwidth breakeven' rule: if transferring data over your existing network would take MORE than ~1 week, Snow Family is likely the correct answer. A rough formula: Time(days) = DataSize(TB) / (Bandwidth(Gbps) × 10). If this exceeds 7–10 days, choose Snow.

criticalPricing model misconception — top trap in CLF-C02 and SAA-C03

Snow Family pricing is a FLAT JOB FEE + per-day usage, NOT hourly like EC2 or per-GB like S3. When exam questions ask about cost model, never select 'pay per hour' or 'volume discount' options for Snow devices.

criticalSnowcone unique capabilities — DEA-C01 and SAA-C03

Snowcone is the ONLY Snow device with a pre-installed AWS DataSync agent and WiFi support, enabling online data transfer when connectivity is available. If an exam scenario involves a remote location with INTERMITTENT connectivity, Snowcone + DataSync is the answer.

criticalSecurity and compliance — appears in all four certifications

ALL Snow devices encrypt data at rest using 256-bit AES with AWS KMS by default — you CANNOT disable encryption. If a question asks how to secure data on a Snow device in transit, the answer is 'encryption is enforced automatically via KMS'.

criticalDevice selection by scale — SAP-C02 migration domain

For migrations >10 PB (petabyte-scale), the answer is Snowmobile — a literal semi-truck with a 100 PB container. If the scenario says 'exabyte-scale' or mentions multiple Snowmobiles, that's valid. Never choose Snowball Edge for >10 PB scenarios.

critical

Snow pricing = flat job fee + per-day usage after free period. NEVER hourly, NEVER volume discounts. If an answer says 'pay per hour' or 'volume discount', eliminate it immediately.

critical

Snow Family ≠ Database Migration. Snow moves files/objects physically. AWS DMS moves live databases. If the question mentions 'live database', 'schema conversion', or 'minimal downtime cutover', the answer is DMS, not Snow.

critical

Snowcone is the ONLY Snow device with pre-installed DataSync + WiFi for online transfer when connectivity exists. 'Intermittent connectivity at remote location' = Snowcone + DataSync. All other Snow devices are offline-only physical transfer.

importantMigration service selection — common trap combining Snow and DMS

Snow Family CANNOT be used for database migrations with minimal downtime — that's AWS DMS (Database Migration Service). Snow moves raw data/files. If a question mentions 'live database', 'schema conversion', or 'minimal downtime', DMS is the answer, not Snow.

importantEdge compute device selection

Snowball Edge Compute Optimized with GPU is the answer for ML inference, video transcoding, or scientific computing at disconnected edge locations. If the scenario mentions 'machine learning at the edge' or 'disconnected environment with GPU needs', select Compute Optimized.

importantCost optimization — SAA-C03 Design Cost-Optimized Architectures domain

Data import INTO AWS via Snow is FREE. Data export OUT of AWS via Snow incurs standard S3 data transfer charges. This asymmetry matters in cost optimization questions — Snow import jobs are particularly cost-effective.

importantEdge storage scaling — SAP-C02

Snowball Edge devices support CLUSTERING (5–10 devices) for larger local storage pools at edge sites. If a scenario requires petabyte-scale local storage at a remote site WITHOUT internet, a Snowball Edge cluster is the answer.

Good to KnowData governance and compliance

After a Snow job completes and data is uploaded to AWS, AWS erases the device data per NIST 800-88 standards. This is a key data governance and compliance point — you do NOT need to manage device sanitization yourself.

Good to KnowOperational management

AWS OpsHub provides a GUI for managing Snow devices — relevant when exam scenarios describe non-technical field personnel needing to manage devices without CLI access. Always choose OpsHub over CLI for 'ease of use' scenarios.

Common Misconceptions & Traps

Common Mistake

Snow Family is billed hourly like EC2 instances or has volume discounts like S3 storage tiers

Correct

Snow Family uses a flat per-job service fee plus a per-day usage fee after the included free period (typically 10 days). There are NO hourly rates and NO volume discounts. Shipping is billed separately.

Exam questions often list 'hourly billing' or 'volume discount pricing' as distractors. The flat-fee model makes Snow predictable for budgeting large migrations. Remember: you're renting a physical appliance for a job, not a cloud compute resource.

Common Mistake

AWS Snow Family can be used to migrate live databases with minimal downtime, similar to AWS DMS

Correct

Snow Family moves raw data (files, objects, block storage) physically. It has NO capability for live database replication, schema conversion, or change data capture (CDC). For database migrations with minimal downtime, use AWS DMS. Snow can seed initial data, but DMS handles the live cutover.

This is one of the most common exam traps. The word 'migration' appears in both Snow Family and DMS contexts, but they solve completely different problems. Snow = bulk physical data movement. DMS = live database replication and conversion.

Common Mistake

All Snow devices are functionally identical — just different sizes of storage

Correct

Each Snow device has distinct capabilities: Snowcone (2 vCPUs, 8/14 TB, WiFi, DataSync pre-installed, backpack-portable), Snowball Edge Storage Optimized (80 TB, 40 vCPUs, pure transfer focus), Snowball Edge Compute Optimized (52 vCPUs, optional GPU, 28 TB NVMe, edge ML/compute focus), Snowmobile (100 PB, semi-truck, exabyte migrations). Device selection depends on compute needs, storage size, portability, and connectivity — not just capacity.

Exam scenarios are specifically crafted to test whether you know WHICH device fits the scenario. A question mentioning 'GPU at the edge' requires Compute Optimized. 'Backpack portable field collection' requires Snowcone. 'Petabyte migration' requires Snowmobile. Treat each device as a distinct product.

Common Mistake

AWS Snow Family and AWS Direct Connect are interchangeable solutions for connecting on-premises to AWS

Correct

Direct Connect provides ONGOING, dedicated private network connectivity between on-premises and AWS. Snow Family provides ONE-TIME or PERIODIC bulk physical data transfer. They are complementary, not interchangeable. Use Direct Connect for continuous workloads; use Snow for initial bulk migration or when network bandwidth makes online transfer impractical.

Exam questions frequently present both as options for 'moving data to AWS'. The decision hinges on: (1) Is this a one-time migration or ongoing? (2) How long would network transfer take? If a 100 TB dataset would take 3 months over a 100 Mbps connection, Snow wins. If you need real-time replication forever, Direct Connect wins.

Common Mistake

Snow devices transfer data unencrypted and encryption must be configured separately by the customer

Correct

ALL Snow devices encrypt data at rest with 256-bit AES encryption using AWS KMS Customer Master Keys — this is MANDATORY and cannot be disabled. The encryption key is specified at job creation and the device can only be unlocked within the AWS region, making intercepted devices unreadable.

Security questions may ask 'how do you ensure data security when shipping a Snow device?' The answer is always 'encryption is enforced by default via KMS — no additional configuration required.' Candidates who think encryption is optional will choose wrong answers about adding encryption layers.

Common Mistake

Snowcone can only be used offline — it must be physically shipped to transfer data

Correct

Snowcone is the ONLY Snow device that supports online data transfer via its pre-installed AWS DataSync agent and WiFi connectivity. It can transfer data to S3, EFS, or FSx when network is available, and collect data offline when disconnected. This hybrid capability is unique to Snowcone.

This misconception causes candidates to miss Snowcone as the answer for 'intermittent connectivity' scenarios. The key phrase to watch for in exam questions is 'sometimes connected' or 'occasional internet access' — that's Snowcone + DataSync territory.

Memory Tricks

🧠

SCONE = Snowcone: Small, Connected (optional), Online-capable, Narrow compute (2 vCPUs), Edge IoT

🧠

Snow SIZE rule: Snowcone (suitcase) → Snowball Edge (pallet) → Snowmobile (semi-truck) — match the device to the physical scale of your data

🧠

Snow PRICING = 'Rent a truck' model: flat fee for the job + daily parking fee after 10 days — NOT a taxi meter (hourly) and NOT a warehouse (volume discount)

🧠

DMS vs Snow: DMS = Doctor Moving a Sick (live) database. Snow = Shipping Neutral Objects/files Wholesale — Snow can't treat a sick (live) database

🧠

KMS + Snow = 'Locked Chest on a Ship' — the chest (device) is always locked (encrypted), the key (KMS CMK) stays in the harbor (AWS region), so even if pirates (thieves) intercept it, they can't open it

CertAI Tutor · SAA-C03, SAP-C02, DEA-C01, CLF-C02 · 2026-02-21

Ready to test your knowledge?

Practice SAA-C03, SAP-C02, DEA-C01, CLF-C02 exam questions with AI-powered explanations — free to start.

AWS Snow Family: The Edge-to-Cloud Data Mover

Overview

Key Features

Integration Patterns

Service Limits & Quotas

Pricing Model

Exam Tips

Common Misconceptions & Traps

Memory Tricks

Ready to test your knowledge?

Related Cheat Sheets