Amazon S3 Lifecycle Configurations
Introduction to Amazon EFS
EFS in Practice
Amazon Elastic Block Store (EBS)
Running Operations with the Snow Family
Data Transfers with AWS DataSync
The course is part of this learning path
This section of the Solution Architect Associate learning path introduces you to the core storage concepts and services relevant to the SAA-C03 exam. We start with an introduction to the AWS storage services, understand the options available and learn how to select and apply AWS storage services to meet specific requirements.
Want more? Try a lab playground or do a Lab Challenge!
- Obtain an in-depth understanding of Amazon S3 - Simple Storage Service
- Get both a theoretical and practical understanding of EFS
- Learn how to create an EFS file system, manage EFS security, and import data in EFS
- Learn about EC2 storage and Elastic Block Store
- Learn about the services available in AWS to optimize your storage
- Learn how to use AWS DataSync to move data between storage systems and AWS storage services
The "Storage" section is now complete. So, a great welcome making it this far. So, what did we cover? We looked at Amazon S3, the Elastic File System, also our old favorites from the compute course, EBS and EC2 instance storage. And we also touched on Amazon Fsx, Storage Gateway and Amazon Backup. Now in the exam prep, I want to use this time to ramp up and helping you prepare and pass any questions on storage.
So, we touching on some of the most common elements that you might see in the exam. So, let's take a look. So, let me start with Amazon S3. Now you need to know this service pretty well as you'll be definitely getting a few questions on this service. So firstly, some key points: Is highly available, highly durable, very cost-effective, and widely accessible. It's great for use cases such as data lakes, data backups, building websites, and much more. However, there are some key elements that you do need to know. I would say without hesitation you'll experience some sort of question that we'll reference to storage classes that exist, and these are usually relating to cost optimization or the speed of data retrieval.
Now, remember that Glacier Storage classes are designed for long-term data storage providing the most cost-optimized solution. But the drawback is, that they do not offer instant data retrieval. Whereas S3 Storage classes, do offer that instant data retrieval but are more expensive as a result. Now, as I discussed in the previous course there are a number of different storage classes available for S3 but you need to have an insight into when to use one over the other for optimization and news case point.
For example, if you had a workload that provided unpredictable pattern access and looking to provide a cost-effective storage solution on S3, you might use S3 Intelligent Tiering over Standard. Or, if you wanted instant access to objects for the lowest cost point where your data could be easily reproduced, if lost, then you would use S3 One Zone Infrequent Access. So, let's look at a question where knowledge of storage classes comes into play.
Now, storage classes aren't the only element of S3 that you need to understand to be prepared for questions covering S3. You should certainly understand S3 Versioning, Lifecycle Rules, Transfer Acceleration, and Basic Security Controls.
You'll be expected to be able to determine when it's best to use Versioning and Lifecycle Rules to manage your data on S3. So, you might be given a scenario about how you need to keep data highly accessible for 90 days after which it won't be needed to be accessed anymore, but it will be needed to keep for legal reasons. So, what would you implement to enforce this behavior? Would you add Versioning? Well, no, because this is used to allow to cover from previous versions if changes to your objects are made or if they are deleted.
Would you use Lifecycle Rules? Yes, certainly, this provides an automatic method of moving your data between storage classes based on time periods. So, you can move your data from S3 Standard to S3 Glacier. Now, one final point on S3, before we look at a question is to ensure that you familiarize yourself with the options to control access to your S3 buckets. Now, you can either use identity-based policies through IAM, resource-based policies using bucket policies, S3 Access Control Lists, in-built public protection settings on the bucket or Cross Origin Resource Sharing.
Next, we looked at the Elastic File System and this is a scalable network file storage service for use with Amazon EC2 instances that can easily scale to petabytes in size with low latency access providing support to thousands of EC2 instances at once. So, this is very different from S3. Where S3 is used for object storage, EFS is used as file system storage. Again, however, it does have storage classes and varied performance options for you to optimize your file system with.
So, make sure you know the difference between the Standard and Infrequent storage classes in addition to performance modes including general purpose and MAX I/O, but also the throughput modes of Bursting Throughput and Provisioned Throughput as well. So, just have a recap of those and just understand when you might use each of those individually. Now, you might receive questions asking you to select the most appropriate performance and throughput mode based on a particular workload. Now, knowing these difference will help you quickly and easily eliminate any wrong answers and help you find the correct answer.
I would also recommend you just understand some of the underlying architecture from a connectivity perspective. So, familiarize yourself with mount points and the part that they play with how your EC2 instances connect EFS in using these mount points. Also, if you receive any questions relating to encryption with EFS, then remember it offers both encryption at rest backed by KMS like most AWS services, but importantly, it also supports in transit encryption too which can be configured during the mounting process.
Okay, so moving on from EFS, we also looked at the Elastic Block Store and we cover this in the compute section as well, but in this section would cover it at a greater depth. Looking into the service as a whole not just from an EC2 stand point. So right off the bat, the key points for EBS to remember for the exam are that: It is persistent data. Meaning the data will not be lost if you terminate the instance that the EBS filling is attached to. It's a really flexible storage option for your EC2 instances. And your knowledge of this flexibility will be assessed in the exam.
One element to really focused on for the certification are the EBS snapshots; how they work, where they are stored, and also how they work when encryption is applied. This is all covered in the course. So, ensure you understand these key points. Now you might be presented with a scenario where you have an unencrypted EBS volume that now needs to be encrypted within a different region. How would you go about doing this? Well, one option will be is to take a snapshot of the volume, copy this snapshot to the right region, and then create a new volume from this copied snapshot and select encryption during the volume creation.
So, you need to understand what you can and can't do with a snapshot. For example, you can't create an unencrypted volume from an encrypted snapshot. Similarly, you can't create an unencrypted snapshot from an encrypted volume.
Okay, moving on. We also looked at FSx at a high level. It's not mentioned on the exam at any significant level but you should be aware of it, and what it is, and when you might use it. So remember, then it's another file system storage service much like EFS, but also note that FSx comes in two flavors. FSx for Windows which provides a Windows File Server used as a fully managed native Windows File system on AWS, and it uses the Server Message Block protocol, SMB. The other being FSx for Lustre which is a fully managed Linux-based File System, and this is designed for compute intensive workloads and high performance computing.
So, as long as you remember those components for the exam you shouldn't need much more than that when it comes to FSx. Now, the final service I want to talk about is AWS Storage Gateway. Again, there are some key points to focus on. Firstly, is use case. It provides a gateway between your own data center storage systems and Amazon S3, and Glacier. For giving you a hybrid storage solution with unlimited space. Now, secondly, there were three types of gateway that you need to know. The file, volume, and tape gateway configuration. Now in the exam, you'll be given a scenario and asked which solution would be best based on specific criteria. So, ensure you have a good understanding of the differences between the three.
So, just a quick wrap up before we move on to the next section. If you get any questions about unlimited object storage think S3 and about storage classes and how Glacier is used for long-term data storage. How you can use Lifecycle policies and Versioning to help with data management. Transfer acceleration for getting data into S3 faster. If you get any questions about persistence of data with EC2 instances, think EBS volumes, block storage, EBS snapshots as backups, and encryption is also possible. If questions appear related to network file systems, think EFS running the NFS protocol.
Mount points for connecting your EC2 instances, multiple availability zones, encryption in transit and at-rest, and thousands of concurrent connections. If any questions relate to Windows file systems using the Server Message Block protocol, think Amazon FSx for Windows, or if anything relates to file systems for high-performance computing using Linux instances think Amazon FSx Lustre. Now lastly, if any scenarios appear talking about backing up data between your own corporate data center and AWS using S3 Glacier, think AWS Storage Gateway either using File, Volume or Tape Gateways. Okay, that's it for me, now you're ready to tackle the next section.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.