Amazon EFS offers two throughput modes: Bursting and Provisioned. The throughput mode helps determine the overall throughput a file system can achieve. With Bursting Throughput, the throughput scales with the size of the file system, dynamically bursting as needed to support the spiky nature of many file-based workloads. Provisioned Throughput is designed to support applications that require higher dedicated throughput than the default Bursting mode and can be configured independently of the amount of data stored on the file system.
Elastic and scalable
With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, dynamically providing the storage capacity to applications as they need it. Since capacity is elastic, there is no provisioning necessary and you will only be billed for what you use. Amazon EFS is designed to be highly scalable both in storage capacity and throughput performance. It can grow to petabyte scale and allows massively parallel access from Amazon EC2 instances to your data. With Amazon EFS, throughput and IOPS scale as a file system grows, and file operations are delivered with consistent, low latencies.
Security and compliance
Amazon EFS allows you to tightly control access to your file systems through POSIX permissions and Amazon EFS security groups. POSIX permissions allow you to restrict access from hosts by user and group while security groups act as a firewall, and the rules you add define the traffic flow. Use Amazon Virtual Private Cloud (Amazon VPC) to manage network access and AWS Identity and Access Management (IAM) to control access to Amazon EFS APIs. Amazon EFS also meets many eligibility and compliance requirements to help you meet your regulatory needs.
Amazon EFS offers encryption for data at rest and in transit providing a comprehensive encryption solution to secure both your stored data and data in flight. Data at rest is transparently encrypted using encryption keys managed by the AWS Key Management Service (KMS), eliminating the need to build and maintain a key management infrastructure. Encryption of data in transit uses industry-standard Transport Layer Security (TLS) to secure network traffic without having to modify your applications. Refer to the user documentation on Encryption for more information about encrypting file system data.
AWS Backup is a fully managed backup service that makes it easy to centrally manage and automate backups of your Amazon EFS file systems removing the need for costly, custom solutions and manual processes. AWS Backup goes beyond backing up Amazon EFS and centralizes the back up of data across other AWS services in the cloud as well as on premises. As applications move to the cloud, their data can become distributed across multiple services, making it difficult to manage and consolidate backup activity without creating custom scripts and manual processes. Using AWS Backup, you can centrally configure and audit AWS resources, automate backup scheduling, set retention policies, and monitor backup activity.