Skip to content


General Info

  • Persistent Block-Level storage for EC2
  • Automatically replicated within a single AZ (not across regions/zones)
  • Multiple EBS can be attached to 1 EC2, but an EBS volume can only attach to a single instance at one time
  • Use Cases
    • Primary storage for DB
    • Filesystem

EBS Volume Types

Name Description Use Cases IOPS Volume Size THR
Standard HDD
  • Low cost storage is a requirement
  • Charged on data space PROVISIONED, not used
  • Sequential reads
  • Cold workloads where data is accessed infrequently
1GB - 1TB 90MiB/s
Cold HDD (sc1)
  • Low-cost storage for infrequently accessed data
250 500GB - 16TB 250 MiB/s
Throughput-optimised HDD (st1)
  • Low-cost solution designed for applications that are throughput intensive
  • Data warehousing / Big data
  • Log processing
  • Video/data streaming
500 500GB - 16TB 500 MiB/s
General-purpose SSD (gp2)
  • Good balance for performance and cost
  • Disk Performance not critical
  • Charged on data space PROVISIONED, not used
  • Boot Volumes
  • Small/medium sized DBs
  • dev/test
16,000 1GB - 16TB 128-250 MiB/s
Provisioned IOPS SSD (io1)
  • Best-performing SSD
  • Any application that needs consistent IOPS above 16,000
  • Also charged for provisioned IOPS
  • Database workloads
  • I/O intensive workload
32,000 - 64,000 4GB - 16TB 500-1000 MiB/s
IOPS Performance - General Purpose SSD

Baseline 3 IOPS/GBprovisioned capped at 10k IOPS:

1TB --> baseline 3K IOPS
5TB --> hit cap at 10k IOPS

if <1TB can BURST to 3K IOPS:

500G --> baseline = 1,500 IOPS
         when not used accumulated as credits
         when heavy traffic --> up to 3K IOPS till credits depleted

Protecting Data

  • Native in EBS with KMS (wrapped data key stored alongside volume)
  • Transparent (same IOPS)
  • Occurs on the servers that host the EC2 instance, so data is encrypted in transit and at rest
  • Snapshots from encrypted volumes are automatically encrypted
  • ec2:CreateVolume action paired with ec2:Encrypted condition key can enforce use of encrypted volumes
Backup & Recovery
  • Backup data by taking point-in-time snapshots (incremental backups)
  • Set the root EBS volume to persist after instance termination: DeleteOnTermination = false
  • Data for snapshot
    • Stored in S3 (AWS-controlled)
    • Constrained in the original region
    • To create (restore) in different region, 1st copy snapshot in that region
  • Creating EBS volumes from snapshots
    • Volume created immediately
    • Data loaded lazily
    • If data requested not restored yet → restored upon 1st request
    • Best practice to access all blocks when initialising