AWS Cloud Practitioner Certification: Storage Overview

Types of storage in AWS

Block Storage

  • Data is stored in blocks.
  • Best for applications, databases, or components that need fast and frequent updates.
  • EC2 instance store
    • Designed to attach to each EC2 instance.
    • Attached to the underlying physical host.
    • Deleted when the EC2 instance is removed.
    • Useful when you can afford to lose the data (temporary files, scratch data, …)

  • To create storage outside of an EC2 instance, we use Amazon Elastic Block Store (EBS).
    • The virtual drives created with EBS are called EBS volumes.
    • The volumes are not attached to the underlying physical host of an EC2 instance.

Object Storage

  • It’s an architecture for storing data.
  • The unit in which the data is stored is called an object.
  • Each object has three components: data, metadata, and unique ID.
  • Each object has an address space. Think of it as the object’s identifier — like its IP — that makes it unique within a pool of objects.
  • Best for unstructured data and/or large datasets.
  • The primary AWS object storage service is Amazon Simple Storage Service (S3)

File Storage

  • It’s a shared file system.
  • Multiple apps or customers can access the same data simultaneously.
  • You can expand storage capacity as needs grow without managing physical infrastructure.
  • There are two types:
    • Amazon Elastic File System (EFS)
      • Fully managed.
      • Scalable
      • Used for AWS Cloud services and on-premises resources.
    • Amazon FSx
      • Fully managed
      • Used for file systems like Windows, Lustre, and NetApp ONTAP.

Additional storage services

  • AWS Storage Gateway
    • Fully managed.
    • Focuses on the hybrid deployment model.
    • Provides unlimited cloud storage access to on-premises solutions.
  • AWS Elastic Disaster Recovery
    • Fully managed.
    • Designed for disaster recovery situations.
    • Recovers your physical, virtual, and cloud-based servers into AWS.

AWS shared responsibility

  • Fully managed
    • Customer responsibility (all client side)
      • Customer Data.
      • Client-side data encryption.
    • AWS responsibility (all infrastructure side)
      • Server-side encryption
      • Network protection (traffic, firewall, network devices, OS)
      • Management (platforms and apps).
      • Provide software for infrastructure.
      • Provide hardware for infrastructure.
  • Managed
    • Customer responsibility (all client side + encryption configuration + backup strategies + volume performance + capacity planning)
      • Customer Data.
      • Client-side data encryption.
      • Server-side encryption.
      • Network traffic protection.
    • AWS responsibility (core infrastructure)
      • Network protection (firewall, network devices, OS)
      • Management (platforms and apps).
      • Provide software for infrastructure.
      • Provide hardware for infrastructure.
  • Unmanaged
    • Customer responsibility (almost everything)
      • Customer Data.
      • Client-side data encryption.
      • Server-side encryption.
      • Network traffic protection.
      • Network protection (firewall, network devices, OS)
      • Management (platforms and apps).
    • AWS responsibility (keeps the physical infrastructure and physical network components running)
      • Provide software for infrastructure.
      • Provide hardware for infrastructure.