r/cloudcomputing

Offloading petabyte-scale legacy tape data to cloud cold tiers without network sync?

We're currently auditing our long-term archiving costs and looking for some architectural advice. Right now, we have about 4 PB of compliance data sitting on physical, aging magnetic tapes on-prem. It's deep cold storage, so reads are practically zero, but keeping the old hardware alive is getting expensive.

Moving all this to Azure Archive or AWS Glacier Deep Archive seems like the obvious choice for the long run. The catch is our local bandwidth. Trying to stream petabytes over our current pipe would drag down production for months.

Because a network migration is out of the question, I've been looking into physical mass-ingest alternatives. I was checking out how specialized operations like Tape Ark or physical bulk-ingest pipelines handle reading legacy media formats and uploading them directly to cloud buckets.

Has anyone used this kind of offline approach to completely decommission their on-prem tape setups? If you did it at this scale, did you hit any hidden formatting or index compilation issues once the data reached the cloud?

reddit.com
u/dtsagdis — 3 days ago

Azure PDNS Question

We currently send all blob.core.windows.net traffic on our internal network from our on-prem DC up to an Azure PDNS Zone via private link. We've recently had a requirement to send traffic out to public DNS for a single storage account that a supplier uses. Lets call it storage01.blob.core.windows.net for the sake of this question.
I want to avoid enabling the 'fallback to internet' feature on the Virtual Network link, is there a convenient way for me to route just the storage01 traffic out to public DNS using just the available settings on the PDNS Zone/VNET Link or do I have to eat my vegetables and do this on our DC (I also want to avoid that).

reddit.com
u/Rohnur — 4 days ago

Transit Gateway vs VPC Peering: Which AWS Networking Option Should You Use?

I've noticed that a lot of people starting their cloud journey struggle with AWS networking. Concepts like VPC Peering, Transit Gateway, route tables, and networking in general can be pretty confusing at first.

So I decided to start a series where I explain these topics in a beginner-friendly way, with diagrams and real-world examples.

The first article covers Transit Gateway vs VPC Peering—when to use each, the trade-offs, costs, scalability, and common use cases.

I'd love to hear your feedback and suggestions on what networking topic I should cover next.

https://www.cloudarena.io/blog/transit-gateway-vs-vpc-peering

reddit.com
u/Entire-Present5420 — 4 days ago
▲ 15 r/cloudcomputing+7 crossposts

[Tool] Kulshan: Open-source AWS audit CLI that generates a local HTML report (no CUR, no SaaS)

[Tool] Kulshan: Open-source AWS audit CLI that generates a local HTML report (no CUR, no SaaS)

I spent years helping AWS customers investigate cost questions.

A surprisingly common conversation looked like this:

Customer: "Our AWS bill doubled."

Followed by:

  • No CUR
  • No Athena
  • No cost tooling
  • No budget alerts
  • Nobody comfortable enough with Cost Explorer to answer questions quickly

Before optimization, FinOps, chargeback, forecasting, or governance, there was a much simpler problem:

What is actually going on in this AWS account?

I built a tool to answer that question.

pip install kulshan
aws login
kulshan report

Kulshan is a free, open-source CLI that runs locally against your AWS account and generates an HTML report.

It uses read-only AWS APIs and looks at:

  • Cost trends and spend changes
  • Largest services and cost drivers
  • RI / Savings Plan coverage
  • Tagging health
  • Orphaned and unused resources
  • Forecast and acceleration signals

A few design decisions I cared about:

  • No SaaS
  • No data uploads
  • No telemetry
  • No write permissions
  • No CUR required
  • No Athena required

The idea is not to replace FinOps tooling.

It is to provide a baseline when someone asks:

"Can you help me understand what is going on with this bill?"

GitHub:
https://github.com/azz-kikkr/kulshan

PyPI:
https://pypi.org/project/kulshan/

Question for the community:

When someone drops you into an unfamiliar AWS account and asks why spend increased, what is the very first thing you look at?

u/azz_kikkr — 11 days ago

Microsoft 365 E7 Frontier Suite Explained: What’s Actually New Beyond E5?

We've been reading about Microsoft's new Microsoft 365 E7 Frontier Suite and wanted to put together a breakdown of what it includes and where it might actually make sense.

The article covers:
• What the E7 Frontier Suite is
• How it differs from Microsoft 365 E5
• The AI, identity, security, and management capabilities included
• Which organizations are likely to benefit (and which probably won't)

I'm also curious what others think:

  • Do you see E7 becoming relevant for enterprise customers?
  • Is the additional licensing likely to justify the cost?
  • Which features do you think will drive adoption?

For anyone interested, here's the full breakdown:
https://cloud9infosystems.in/microsoft-365-e7-frontier-suite-explained/

Looking forward to hearing different perspectives.

u/cloud_9_infosystems — 10 days ago

How to reduce risk of data breaches in the cloud?

Not looking for the checklist. The real work lives in three places most teams underestimate: knowing where sensitive data actually exists at any point in time (harder than it sounds in dynamic environments), remediating IAM overpermissioning without breaking things, and mapping lateral movement paths before attackers find them.

The key insight is these risks connect, a misconfiguration only becomes a breach risk when it chains to sensitive data through an exploitable path. What's your org actually prioritizing this year?

reddit.com
u/Severe_Part_5120 — 13 days ago

How do you choose a colocation hosting provider?

A few months ago, I started looking into colocation hosting because our servers were getting expensive to manage. Every provider seemed to promise great uptime, security and support but it was hard to tell what mattered in the real world. Also, I have gone through rackbank ai datacenter and noticed how different providers enhance different strengths. For those who have already gone through the process, what was the biggest factor that helped you choose a colocation hosting provider? EDIT: Thanks for sharing, stories like these really highlight how important reliable power, redundancy and proper maintenance are.

reddit.com
u/Good-Literature-2293 — 12 days ago

Enterprise cloud security, which vendors are actually worth it?

We’re currently evaluating cloud security solutions for an enterprise environment and trying to narrow down the right vendor. There are a lot of big names in the space, but it’s hard to separate marketing from real-world performance especially when it comes to scalability, cost over time, and how well things actually integrate across a complex stack.

For those with hands-on experience:

Which cloud security provider did you end up choosing?

What made it the right fit for your organization long-term?

How does it perform in hybrid or multi-cloud environments?

Any major drawbacks or lessons learned after deployment?

Would really appreciate insights from people who’ve gone through the decision process or are managing this in production. Thanks!!

reddit.com
u/aptdemeanor — 13 days ago

AWS cost monitoring tools that actually work for small teams?

we've just normalized not fully understanding our aws bill because nobody has time to dig into it so we pay it and move on.

that worked until s3 costs tripled and we assumed growth and ignored it until we found out it was a misconfigured lifecycle policy and a logging bucket that had been accumulating since day one.

fix took an hour once we knew what to look at. the problem was we'd accepted not knowing as the default.

what tools or setups have actually helped your team stay on top of aws costs without a dedicated person watching it full time?

reddit.com
u/AdOrdinary5426 — 14 days ago