1.3.10 Storage Services (S3, EBS, EFS)
Storage Services for Developers
Comparing S3 vs EBS vs EFS
| Feature | S3 | EBS | EFS |
|---|---|---|---|
| Type | Object storage | Block storage | File storage (NFS) |
| Access | HTTP/HTTPS API | Single EC2 instance (or multi-attach io2) | Multiple EC2/Lambda/ECS |
| Durability | 99.999999999% (11 9s) | 99.999% | 99.999999999% |
| Scaling | Unlimited | Fixed size (provision) | Auto-scaling |
| Use case | Static assets, backups, data lake | EC2 boot volumes, databases | Shared file system |
| Lambda support | ✅ SDK access | ❌ | ✅ Mount as local filesystem |
Amazon EFS (Elastic File System)
Lambda + EFS Integration
Lambda Function → VPC → EFS Mount Target → EFS File System
(same VPC, private subnets)
- Lambda mounts EFS as a local filesystem (`/mnt/efs`)
- Shared storage between multiple Lambda functions
- Use cases: ML models, shared config, large reference data
```yaml
# SAM template
MyFunction:
  Type: AWS::Serverless::Function
  Properties:
    VpcConfig:
      SecurityGroupIds: [!Ref LambdaSG]
      SubnetIds: [!Ref PrivateSubnet1, !Ref PrivateSubnet2]
    FileSystemConfigs:
      - Arn: !GetAtt EFSAccessPoint.Arn
        LocalMountPath: /mnt/data
```
EFS Access Points
- Application-specific entry points
- Enforce user identity (POSIX UID/GID)
- Root directory per application
- IAM-based access control
Performance Modes
| Mode | Use Case |
|---|---|
| General Purpose | Low latency, most workloads |
| Max I/O | High throughput, parallel access |
Throughput Modes
| Mode | Description |
|---|---|
| Bursting | Scales with file system size |
| Provisioned | Fixed throughput regardless of size |
| Elastic | Auto-scales throughput (recommended) |
Storage Classes
| Class | Description |
|---|---|
| Standard | Frequently accessed |
| Infrequent Access (IA) | Lower cost, retrieval fee |
| Archive | Lowest cost, rarely accessed |
- Lifecycle policies automatically move files between classes
Amazon EBS (Elastic Block Store)
Volume Types for Developers
| Type | Use Case | IOPS |
|---|---|---|
| gp3 | General purpose (default) | 3,000 baseline, up to 16,000 |
| io2 | High-performance databases | Up to 64,000 |
| st1 | Throughput-optimized (big data) | N/A (throughput-based) |
Key Points for the Exam
- EBS volumes attached to single EC2 instance (same AZ)
- Snapshots → S3 (incremental, cross-region copy)
- Encryption: AWS managed or CMK
- Multi-Attach (io2 only): multiple EC2 in same AZ
Amazon S3 for Developers
Key Features
| Feature | Description |
|---|---|
| Pre-signed URLs | Temporary access without AWS credentials |
| S3 Select | Query data in-place (CSV, JSON, Parquet) |
| Event Notifications | Trigger Lambda, SQS, SNS, EventBridge |
| Transfer Acceleration | Fast upload via CloudFront edge |
| Multipart Upload | Large files (> 100MB recommended) |
```python
# Pre-signed URL (temporary access)
import boto3

s3 = boto3.client('s3')
url = s3.generate_presigned_url(
    'get_object',
    Params={'Bucket': 'my-bucket', 'Key': 'file.pdf'},
    ExpiresIn=3600,  # 1 hour
)
```
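A pre-signed URL works as a bearer credential for one object until it expires, so it is worth checking URLs that turn up in logs or tickets against a TTL policy. The following is an added example, not part of the original notes: it parses the SigV4 query parameters using only the standard library, and `MAX_TTL_SECONDS`, `audit_presigned_url` and the sample URL are assumptions made for illustration.

```python
# Added example: audit a SigV4 pre-signed S3 URL offline (standard library only).
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit, parse_qs

MAX_TTL_SECONDS = 900  # assumed local policy: URLs may live at most 15 minutes
REQUIRED = ("X-Amz-Date", "X-Amz-Expires", "X-Amz-Credential", "X-Amz-Signature")


def audit_presigned_url(url, now, max_ttl=MAX_TTL_SECONDS):
    """Return signing metadata of a SigV4 pre-signed URL plus policy findings."""
    parts = urlsplit(url)
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    missing = [k for k in REQUIRED if k not in q]
    if missing:
        raise ValueError(f"not a SigV4 pre-signed URL, missing: {missing}")

    signed_at = datetime.strptime(q["X-Amz-Date"], "%Y%m%dT%H%M%SZ")
    signed_at = signed_at.replace(tzinfo=timezone.utc)
    ttl = int(q["X-Amz-Expires"])
    expires_at = signed_at + timedelta(seconds=ttl)
    # Credential scope: <access-key-id>/<date>/<region>/<service>/aws4_request
    access_key_id, _, region, service, _ = q["X-Amz-Credential"].split("/")

    findings = []
    if parts.scheme != "https":
        findings.append("not-https")
    if ttl > max_ttl:
        findings.append("ttl-exceeds-policy")
    if now < expires_at:
        findings.append("still-valid")
    if "X-Amz-Security-Token" in q:
        # Signed with temporary credentials (e.g. a Lambda role): the URL also
        # stops working when that session expires, whichever comes first.
        findings.append("temporary-credentials")
    return {"access_key_id": access_key_id, "region": region, "service": service,
            "ttl": ttl, "expires_at": expires_at, "findings": findings}


# Constructed sample: placeholder key id and signature, not a real URL.
SAMPLE_URL = (
    "https://my-bucket.s3.amazonaws.com/file.pdf"
    "?X-Amz-Algorithm=AWS4-HMAC-SHA256"
    "&X-Amz-Credential=AKIAEXAMPLEKEYID0000%2F20240101%2Fus-east-1%2Fs3%2Faws4_request"
    "&X-Amz-Date=20240101T120000Z&X-Amz-Expires=3600"
    "&X-Amz-SignedHeaders=host&X-Amz-Signature=0000placeholder0000"
)

if __name__ == "__main__":
    print(audit_presigned_url(SAMPLE_URL, datetime(2024, 1, 1, 12, 30, tzinfo=timezone.utc)))
```

The sample uses the same one-hour `ExpiresIn=3600` as the snippet above, so it is flagged against the assumed 15-minute policy.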
Exam Tip: Lambda + shared storage = EFS (mount as filesystem). Large objects = S3. EC2 boot/database volumes = EBS. EFS requires the Lambda function to be in a VPC. Pre-signed URLs provide temporary S3 access. S3 Select reduces data transfer.