Amazon Elastic File System (EFS) is a fully managed service that provides NFS file system for Linux workloads within AWS Cloud services or at on-premise.

 

Key Points for Amazon Elastic File System

  • Supports NFS v4.0 and v4.1
  • Unlike EBS (where you have to provision storage capacity and pay per provisioned capacity), in case of EFS you only pay for the space you use.
  • Thousands of EC2 instances can access an EFS at the same time (by simply mounting the system), without compromising performance.
  • EFS is built to scale on demand to petabytes without disrupting applications, growing and shrinking automatically as you add and remove files, eliminating the need to provision and manage capacity to accommodate growth.
  • Amazon EFS offers two storage classes:
    • Standard storage class
    • Infrequent Access storage class (EFS IA) – a cost optimized storage
    • You can start using EFS IA by simply enabling EFS Lifecycle Management for your file system and choosing an age-off policy (14, 30, 60, or 90 days), allowing automatic move between Storage classes based on data use frequency.
  • EFS is a Regional service, storing (and replicating) data within and across multiple AZs for high availability and durability.
  • You can create up to 1,000 file systems per Region.

 

EFS Performance Configurations

  • Performance Mode – selected at EFS creation time, and cannot be changed later
    • General Purpose
    • Max I/O
  • Throughput Mode
    • Bursting – good for most purposes
    • Provisioned – ensures throughput performance for application needs

 

Data transfer and backup

These two services are recommended by AWS for use with EFS:

  • AWS DataSync – uses purpose-built protocol accelerate and secure data transfer between on-premise storage and EFS
    • You can use DataSync to transfer files between EFS that are in different Regions and / or different Accounts
  • AWS Data Backup – centralized place to enable automatic backup of your EFS data

 

Security

  • You can use a mix of IAM policies and Security Groups to control access to your EFS
  • EFS Access Point – you can create and configure an EFS Access Point to enable access to specific part of your EFS directory structure, for a specific set of operating system users / groups. It enables access management by subsets of your data on EFS.
  • EFS supports encryption of data at rest, and in transit.
    • At Rest – data is transparently encrypted / decrypted for write / read operations, and associated keys are managed by KMS.
    • In Transit – data is encrypted using TLS

 

Pricing

Amazon Elastic File System (EFS) is billed for following components:

  • Storage – per GB per month
    • price varies by storage class – Standard / Infrequent Access Storage Class
  • Infrequent Access Requests – per GB transferred
  • Provisioned Throughput – per MBs per month

 

External Resources

 

 

Data EC2 EFS Storage