AWS Hands-On | EC2 Instance Storage | Elastic File System

📌 Notice

This is a hands-on tutorial accompanying the blog post:

“Pass the AWS Certified Solutions Architect Associate Certification SAA-C03-(Episode 6: EC2 Instance Storage)”

🔹 Focus: Practical implementation of Amazon Elastic File System (EFS).
🔹 For theoretical concepts and exam-style questions, please refer to the main blog post (link to parent blog).

What is Amazon EFS?

Amazon Elastic File System (EFS) provides scalable, shared file storage for EC2 instances across multiple Availability Zones (AZs). It’s ideal for:
✅ Shared workloads (e.g., web servers, CI/CD)
✅ Multi-AZ deployments (high availability)
✅ Pay-as-you-go (no capacity planning)

Step 1: Create an EFS File System

1. Go to the AWS EFS Console.
2. Click “Create file system”.
3. Configure settings:

• Name: Optional (e.g., my-efs-demo).
• VPC: Select your default VPC.
• File system type: Regional: For high availability (recommended). One Zone: Lower cost (single AZ, risky for production).
• Enable automatic backups: Recommended for production.
• Lifecycle management: Move files to Infrequent Access (IA) after 30 days. Move to Archive after 90 days (optional).
• Encryption: Enable (AWS KMS or default AES-256).
• Throughput mode:

1. Bursting — Provides throughput that scales with the amount of storage for workloads with basic performance requirements.
2. Enhanced — Provides more flexibility and higher throughput levels for workloads with a range of performance requirements.
   Elastic (unpredictable IO, auto-scales, pay-per-use, recommended). Provisioned (fixed throughput, for predictable workloads).

• Performance mode: General Purpose (low latency, recommended). Max I/O (high throughput, higher latency).
• Click “Next”.

Step 2: Configure Network Access

• Select VPC & Subnets:
• Choose subnets in multiple AZs (for Regional EFS).
• Security Groups:
• Create a new SG (e.g., EFS-SG-Demo) with: Inbound Rule: NFS (port 2049) from EC2 instances. Or let AWS auto-create SGs during EC2 setup (shown later).
• Click “Next” → “Create”.

• Replace new security group that you created

• Leave the File system policy as it is

Step 3: Launch EC2 Instances with EFS Mount

1. Launch EC2 Instances in different AZs (e.g., us-east-1a, us-east-1b).

• Edit Network Settings — choose 1 subnet

• Edit File System — click add shared file system
• Launch Instance

• Like this create Instance B
• choose another subnet different from the Instance A
• Select same security group that chose in Instance A
• Launch Instance B

• Navigate to EFS again
• Click the EFS created
• Click on Network Tab check the security group properly set

• Go back to EC2 instance and go to security group

• Select EFS-SG-Demo and go to inbound rules
• Edit Inbound rules

• Go to EC2 Instance A & B -> connect

• Save helo.txt in EC2 instance A

[ec2-user@ip-172-31-21-228 ~]$ ls /mnt/efs/fs1
[ec2-user@ip-172-31-21-228 ~]$ sudo su
[root@ip-172-31-21-228 ec2-user]# echo "hello world" > /mnt/efs/fs1/hello.txt
[root@ip-172-31-21-228 ec2-user]# cat /mnt/efs/fs1/hello.txt
hello world
[root@ip-172-31-21-228 ec2-user]# 

• Check the same file in EC2 instance B

[ec2-user@ip-172-31-47-195 ~]$ ls /mnt/efs/fs1
hello.txt
[ec2-user@ip-172-31-47-195 ~]$ 

• Now the EFS file system shared across Instance A & Instance B.

To stay informed on the latest technical insights and tutorials, connect with me on Medium and LinkedIn. For professional inquiries or technical discussions, please contact me via email. I welcome the opportunity to engage with fellow professionals and address any questions you may have.