Features of Amazon EFS
Following are features of Amazon EFS.
Authentication and access control
You must have valid credentials to use the Amazon EFS management console and to make Amazon EFS API requests, such as creating a file system. In addition, you must have permissions to create or access other EFS and AWS resources.
Users and roles that you create in AWS Identity and Access Management (IAM) must be granted permissions to create or access resources. For more information about permissions, see Identity and access management for Amazon EFS.
IAM authorization for NFS clients is an additional security option for Amazon EFS that uses IAM to simplify access management for Network File System (NFS) clients at scale. With IAM authorization for NFS clients, you can use IAM to manage access to an EFS file system in an inherently scalable way. IAM authorization for NFS clients is also optimized for cloud environments. For more information on using IAM authorization for NFS clients, see Using IAM to control file system data access.
Data consistency in Amazon EFS
Amazon EFS provides the close-to-open consistency semantics that applications expect from NFS.
In Amazon EFS, write operations for Regional file systems are durably stored across Availability Zones in these situations:
- An application performs a synchronous write operation (for example, using the `open` Linux command with the `O_DIRECT` flag, or the `fsync` Linux command).
- An application closes a file.
Depending on the access pattern, Amazon EFS can provide stronger consistency guarantees than close-to-open semantics. Applications that perform synchronous data access and perform non-appending writes have read-after-write consistency for data access.
File locking
NFS client applications can use NFS version 4 file locking (including byte-range locking) for read and write operations on Amazon EFS files.
Remember the following about how Amazon EFS locks files:
- Amazon EFS only supports advisory locking and read/write operations don’t check for conflicting locks before executing. For example, to avoid file synchronization issues with atomic operations, your application must be aware of NFS semantics (such as close-to-open consistency).
- Any one particular file can have up to 512 locks across all instances connected and users accessing the file.
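The advisory-only locking described above, shown as an added example that is not part of the Amazon EFS documentation. It uses Python's `fcntl.lockf` (POSIX byte-range locks) on a constructed temporary file; the helper names `in_child`, `write_range` and `demo` are hypothetical, and passing a directory on an EFS mount to `demo` assumes the NFSv4 client forwards these locks to the file system.

```python
import fcntl
import os
import tempfile

def in_child(func):
    """Run func() in a forked child, i.e. as a different lock owner."""
    pid = os.fork()
    if pid == 0:
        code = 2
        try:
            code = func()
        finally:
            os._exit(code)
    return os.WEXITSTATUS(os.waitpid(pid, 0)[1])

def write_range(path, data, take_lock):
    """Overwrite bytes 0..len(data)-1. Returns 0 on success, 1 if backed off."""
    with open(path, "r+b") as f:
        if take_lock:
            try:  # non-blocking exclusive byte-range lock on the target range
                fcntl.lockf(f, fcntl.LOCK_EX | fcntl.LOCK_NB, len(data), 0)
            except OSError:
                return 1  # conflicting lock held elsewhere: do not write
        f.write(data)
        f.flush()
        os.fsync(f.fileno())  # synchronous write, as in the consistency section
    return 0  # closing the file also drops this process's locks on it

def demo(directory=None):
    """directory: where to create the sample file (assumed EFS mount or tmp)."""
    fd, path = tempfile.mkstemp(dir=directory)
    try:
        os.write(fd, b"A" * 16)  # constructed sample content
        fcntl.lockf(fd, fcntl.LOCK_EX, 8, 0)  # parent holds bytes 0-7
        polite = in_child(lambda: write_range(path, b"B" * 8, True))
        rude = in_child(lambda: write_range(path, b"C" * 8, False))
        while_locked = os.pread(fd, 16, 0)
        fcntl.lockf(fd, fcntl.LOCK_UN, 8, 0)
        retry = in_child(lambda: write_range(path, b"B" * 8, True))
        after_unlock = os.pread(fd, 16, 0)
    finally:
        os.close(fd)
        os.unlink(path)
    return polite, rude, while_locked, retry, after_unlock

if __name__ == "__main__":
    print(demo())
```

On the constructed file, the writer that requests the lock backs off while the range is held, and the writer that skips the lock overwrites the locked range anyway. Every writer therefore has to take the lock for it to protect anything.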
Availability and durability of EFS file systems
This section describes the file system types and storage class options for Amazon Elastic File System (Amazon EFS) file systems.
EFS file system types
Amazon EFS offers Regional and One Zone file system types.
- Regional – Regional file systems (recommended) store data redundantly across multiple geographically separated Availability Zones within the same AWS Region. Storing data across multiple Availability Zones provides continuous availability to the data, even when one or more Availability Zones in an AWS Region are unavailable.
- One Zone – One Zone file systems store data within a single Availability Zone. Storing data in a single Availability Zone provides continuous availability to the data. In the unlikely case of the loss or damage to all or part of the Availability Zone, however, data that is stored in these types of file systems might be lost.
In the unlikely case of the loss or damage to all or part of an AWS Availability Zone, data in a One Zone storage class may be lost. For example, events like fire and water damage could result in data loss. Apart from these types of events, our One Zone storage classes use similar engineering designs as our Regional storage classes to protect objects from independent disk, host, and rack-level failures, and each is designed to deliver 99.999999999% data durability.
For added data protection, Amazon EFS automatically backs up One Zone file systems with AWS Backup. You can restore file system backups to any operational Availability Zone within an AWS Region, or you can restore them to a different AWS Region. EFS file system backups that are created and managed using AWS Backup are replicated to three Availability Zones and are designed for durability. For more information, see Resilience in AWS Backup.
Note
One Zone file systems are available to only certain Availability Zones. For a table that lists the Availability Zones in which you can use One Zone file systems, see Supported Availability Zones for One Zone file systems.
The following table compares the file system types, including their availability, durability, and other considerations.
File system type | Designed for | Durability (designed for) | Availability | Availability Zones | Other considerations |
---|---|---|---|---|---|
Regional | Data requiring the highest durability and availability. | 99.999999999% (11 9s) | 99.99% | >=3 | None |
One Zone | Data that doesn't require the highest durability and availability. | 99.999999999% (11 9s) | 99.99% | 1 | Not resilient to the loss of the Availability Zone |
Supported Availability Zones for One Zone file systems
One Zone file systems are available to only certain Availability Zones. The following table lists the AWS Region and the AZ IDs for each Availability Zone in which you can use One Zone file systems. To see the mapping of AZ IDs to Availability Zones in your account, see Availability Zone IDs for your AWS Resources in the AWS Resource Access Manager User Guide.
AWS Region Name | AWS Region Code | Supported AZ IDs |
---|---|---|
US East (Ohio) | us-east-2 | use2-az1, use2-az2, use2-az3 |
US East (N. Virginia) | us-east-1 | use1-az1, use1-az2, use1-az4, use1-az5, use1-az6 |
US West (N. California) | us-west-1 | usw1-az1, usw1-az3 |
US West (Oregon) | us-west-2 | usw2-az1, usw2-az2, usw2-az3, usw2-az4 |
Africa (Cape Town) | af-south-1 | afs1-az1, afs1-az2, afs1-az3 |
Asia Pacific (Hong Kong) | ap-east-1 | ape1-az1, ape1-az2, ape1-az3 |
Asia Pacific (Mumbai) | ap-south-1 | aps1-az1, aps1-az2, aps1-az3 |
Asia Pacific (Osaka) | ap-northeast-3 | apne3-az1, apne3-az2, apne3-az3 |
Asia Pacific (Seoul) | ap-northeast-2 | apne2-az1, apne2-az2, apne2-az3 |
Asia Pacific (Singapore) | ap-southeast-1 | apse1-az1, apse1-az2 |
Asia Pacific (Sydney) | ap-southeast-2 | apse2-az1, apse2-az2, apse2-az3 |
Asia Pacific (Tokyo) | ap-northeast-1 | apne1-az1, apne1-az4 |
Canada (Central) | ca-central-1 | cac1-az1, cac1-az2 |
China (Beijing) | cn-north-1 | cnn1-az1, cnn1-az2 |
China (Ningxia) | cn-northwest-1 | cnnw1-az1, cnnw1-az2, cnnw1-az3 |
Europe (Frankfurt) | eu-central-1 | euc1-az1, euc1-az2, euc1-az3 |
Europe (Ireland) | eu-west-1 | euw1-az1, euw1-az2, euw1-az3 |
Europe (London) | eu-west-2 | euw2-az1, euw2-az2 |
Europe (Milan) | eu-south-1 | eus1-az1, eus1-az2, eus1-az3 |
Europe (Paris) | eu-west-3 | euw3-az1, euw3-az3 |
Europe (Stockholm) | eu-north-1 | eun1-az1, eun1-az2, eun1-az3 |
Middle East (Bahrain) | me-south-1 | mes1-az1, mes1-az2, mes1-az3 |
South America (São Paulo) | sa-east-1 | sae1-az1, sae1-az2, sae1-az3 |
AWS GovCloud (US-East) | us-gov-east-1 | usge1-az1, usge1-az2, usge1-az3 |
AWS GovCloud (US-West) | us-gov-west-1 | usgw1-az1, usgw1-az2, usgw1-az3 |
EFS storage classes
Amazon EFS offers different storage classes that are designed for the most effective storage depending on use cases.
- EFS Standard – The EFS Standard storage class uses solid state drive (SSD) storage to deliver the lowest levels of latency for frequently accessed files. New file system data is first written to the EFS Standard storage class and then can be tiered to the EFS Infrequent Access and EFS Archive storage classes by using lifecycle management.
- EFS Infrequent Access (IA) – A cost-optimized storage class for data that is accessed only a few times each quarter.
- EFS Archive – A cost-optimized storage class for data that is accessed a few times each year or less.
The EFS Archive storage class is supported on EFS file systems with Elastic throughput. You cannot update your file system’s throughput to Bursting or Provisioned once the file system has data in the Archive storage class.
Comparing storage classes
The following table compares the storage classes. For more details about the performance of each storage class, see Amazon EFS performance.
Storage class | Designed for | First byte read latency | Durability (designed for)¹ | Availability SLA | Availability zones | Minimum billing charge per file² | Minimum storage duration |
---|---|---|---|---|---|---|---|
EFS Standard | Active data requiring fast sub-millisecond latency performance | Sub-millisecond | 99.999999999% (11 9's) | 99.99% (Regional); 99.9% (One Zone) | >=3 (Regional); 1 (One Zone) | Not applicable | Not applicable |
EFS Infrequent Access | Inactive data that is accessed only a few times each quarter. | Tens of milliseconds | 99.999999999% (11 9's) | 99.99% (Regional); 99.9% (One Zone) | >=3 (Regional); 1 (One Zone) | 128 KiB | Not applicable |
EFS Archive | Inactive data that is accessed a few times each year or less | Tens of milliseconds | 99.999999999% (11 9's) | 99.9% (Regional) | >=3 (Regional) | 128 KiB | 90 days |
Note
¹ Because One Zone file systems store data in a single AWS Availability Zone, data that is stored in these types of file systems might be lost in the event of a disaster or other fault that affects all copies of the data within the Availability Zone, or in the event of Availability Zone destruction.
² Lifecycle policies updated on or after 12 PM PT, November 26, 2023 will tier files of < 128 KiB to the IA class. For more information about how Amazon EFS meters and bills for individual files and metadata, see How Amazon EFS reports file system and object sizes.
Storage class pricing
You are billed for the amount of data in each storage class. You are also billed data access charges when files in IA or Archive storage are read, or for data that transitions between storage classes using lifecycle management. The AWS bill displays the capacity for each storage class and the metered access against the file system's storage class. To learn more, see Amazon EFS Pricing.
Additionally, Infrequent Access (IA) and Archive storage classes have a minimum billing charge per file of 128 KiB. Support for files smaller than 128 KiB is only available for lifecycle policies updated on or after 12:00 PM PT, November 26, 2023. For more information on how Amazon EFS meters and bills for individual files and metadata, see How Amazon EFS reports file system and object sizes.
Additional pricing applies for file systems that use Provisioned or Bursting throughput.
- For file systems using Provisioned throughput, you are billed for the throughput provisioned above what you are provided based on the amount of data that is in the EFS Standard storage class.
- For file systems using Bursting throughput, the allowed throughput is determined based on the amount of the data stored in the EFS Standard storage class only.
For more information about EFS throughput modes, see Throughput modes.
Note
You don't incur data access charges when using AWS Backup to back up lifecycle management-enabled EFS file systems. To learn more about AWS Backup with Amazon EFS, see Backing up EFS file systems.
Lifecycle management
To manage your file systems so that they are stored cost effectively throughout their lifecycle, use lifecycle management. Lifecycle management automatically transitions data between storage classes according to the lifecycle configuration defined for the file system. The lifecycle configuration is a set of lifecycle policies that define when to transition the file system data to another storage class. For more information, see Managing storage lifecycle for EFS file systems.
Replication
You can create a replica of your Amazon EFS file system in the AWS Region of your preference using replication. Replication automatically and transparently replicates the data and metadata on your EFS file system to a new destination EFS file system that is created in an AWS Region that you choose. EFS automatically keeps the source and destination file systems synchronized. Replication is continual and designed to provide a recovery point objective (RPO) and a recovery time objective (RTO) of minutes. These features assist you in meeting your compliance and business continuity goals. For more information, see Replicating EFS file systems.