EFS
Use cases¶
- Shared storage → appropriate for large data sets of larger file sizes
- Petabyte-scale NFS filesystem → no need to provision size
- NFS v4.0 and 4.1 (NFSv4)
Characteristics¶
- Stores data at a region scope, replicating that data into at least 3 AZs within the region → < availability, > durability than EBS
- Can be configured with either
General PurposeorMaxIOperformance modes - Mount targets appear as Endpoints in a VPC → Security Groups can control access
- Charged for data used
| Type | THR | Notes |
|---|---|---|
| EFS File system resource | 10GB/s+ |
|
| EFS General Purpose performance mode | 35000 READ, 7000 WRITE IOPS |
Lowest metadata latency |
| EFS MaxIO performance mode | 500k+ IOPS |
Highest metadata latency |
Security¶
- IAM only used for administration
- Standard posix permissions
- Encryption
- EFS file systems must be encrypted at resource creation (check the
Encrypted File Systemoption) - Transparent encryption at rest with KMS
- NFS over TLS is an option with the EFS mount helper (stunnel)
- EFS file systems must be encrypted at resource creation (check the