Increasing Your Security Posture when Using Amazon S3
S3 Encryption Mechanisms
Amazon S3 Lifecycle Configurations
Introduction to Amazon EFS
EFS in Practice
Amazon Elastic Block Store (EBS)
AWS Storage Gateway
Performance Factors Across AWS Storage Services
The course is part of this learning path
This section of the AWS Certified Solutions Architect - Professional learning path introduces you to the core storage concepts and services relevant to the SAP-C02 exam. We start with an introduction to AWS storage services, understand the options available, and learn how to select and apply AWS storage services to meet specific requirements.
- Obtain an in-depth understanding of Amazon S3 - Simple Storage Service
- Learn how to improve your security posture in S3
- Get both a theoretical and practical understanding of EFS
- Learn how to create an EFS file system, manage EFS security, and import data in EFS
- Learn about EC2 storage and Elastic Block Store
- Learn about the different performance factors associated with AWS storage services
Hello and welcome to this lecture where I will explain what the Amazon EFS service is and how it fits into the storage ecosystem. Let me start by taking a step back and looking at where the EFS service fits in within the world of AWS storage. Firstly, I want to look at the array of AWS storage offerings and compare a few of them. AWS has more storage solutions than I'm going to discuss in this course and I will probably continue to add more in the future. But I'm just going to focus on three different services. The reason I've selected these three is that, at first glance, they may seem similar and many people can be unsure which of these solutions to choose from to fit their current storage requirements.
Amazon Simple Storage Service or S3 is an object storage solution. Object storage stores everything as a single object, not in small chunks or blocks. With this type of storage, you upload a file and if the file changes to replace it, the entire file will be replaced. This type of storage is best for situations where files are written once and then accessed many times. It's not optimal for situations that require both heavy read and write access at the same time. So Amazon S3 is usually used for storage of large files such as video files, images, static websites, and backup archives. For example, Netflix uses S3 for their data streaming service. They upload large movie files once and then subscribers access and play the movies many, many times.
The next service is the Amazon Elastic Block Store or EBS, and it's block-level storage. Files are not stored as single objects. They're stored in small chunks of blocks so that only the portion of the file that is changed will be updated. This type of storage is optimized for low latency access and when fast, concurrent read and write operations are needed. EBS provides persistent block storage volumes for use with a single EC2 instance. As described, EBS is persistent, meaning that even if you stop or terminate an EC2 instance that's using EBS, the data on the EBS volume remains intact. You should use this type of storage like a computer hard drive where you store operating system files, applications and other files you wish to obtain for use with your EC2 instance.
Amazon Elastic File System, or EFS, is considered file-level storage and is also optimized for low latency access, but unlike EBS, it supports access by multiple EC2 instances at once. It appears to users like a file manager interface and uses standard file system semantics such as locking files, renaming files, updating files and uses a hierarchy structure. This is just like what we're used to on standard premise-based systems. This type of storage allows you to store files that are accessible to network resources.
Before diving deep on EFS, let me discuss how people are traditionally used to accessing network files and resources. In traditional premises-based networks, users access files by browsing network resources that connect to a server, perhaps via a mapped drive that has been configured for them, and once they connect, they will see a tree view of available folders and files. This functionality is generally provided by various local area network systems such as file servers or storage area network, a SAN, or network-attached storage, a NAS.
Now let's move on from the traditional premises-based solutions and talk about cloud-based solutions, specifically within AWS and the Amazon Elastic File System service. EFS provides simple, scalable file storage for use with Amazon EC2 instances. Much like traditional file servers, or a SAN or a NAS, Amazon EFS provides the ability for users to browse cloud network resources. EC2 instances can be figured to access Amazon EFS instances using configured mount points. Now, mount points can be created in multiple availability zones that attach to multiple EC2 instances. So, much like your traditional land servers, EC2 instances are connected to a network file system, Amazon EFS. So from a user standpoint, the result is the same. The user accesses network resources just as they always have done except for now, it's done using cloud resources.
EFS is a fully managed, highly available and durable service that allows you to create shared file systems that can easily scale to petabytes in size with low latency access. EFS has been designed to maintain a high level of throughput in addition to low latency access response, and these performance factors make EFS a desirable storage solution for a wide variety of workloads, and use cases and can meet the demands of tens, hundreds or even thousands of EC2 instances concurrently. Being a managed service, there is no need for you to provision any file servers to manage the storage elements or provide any maintenance of those servers. This makes it a very simple option to provide file-level storage within your environment. It uses standard operating system APIs, so any application that is designed to work with standard operating system APIs will work with EFS. It supports both NFS versions 4.1 and 4.0, and uses standard file system semantics such as strong consistency and file locking. It's replicated across availability zones in a single region making EFS a highly reliable storage service.
As the file system can be accessed by multiple instances, it makes it a very good storage option for applications that scale across multiple instances allowing for parallel access of data. The EFS file system is also regional, and so any application deployments that span across multiple availability zones can all access the same file systems providing a level of high availability of your application storage layer. At the time of writing this course, EFS is not currently available within all regions. For a list of supported regions, please visit the following link: https://docs.aws.amazon.com/general/latest/gr/rande.html#elasticfilesystem-region.
That now brings me to the end of this lecture.
Danny has over 20 years of IT experience as a software developer, cloud engineer, and technical trainer. After attending a conference on cloud computing in 2009, he knew he wanted to build his career around what was still a very new, emerging technology at the time — and share this transformational knowledge with others. He has spoken to IT professional audiences at local, regional, and national user groups and conferences. He has delivered in-person classroom and virtual training, interactive webinars, and authored video training courses covering many different technologies, including Amazon Web Services. He currently has six active AWS certifications, including certifications at the Professional and Specialty level.