EFS Features and Pricing

Get an overview of access control, encryption, and file sync with EFS.

We'll cover the following

Access control

When you create a file system, you create endpoints in your VPC called “mount targets”. When mounting from an EC2 instance, your file system’s DNS name, which you provide in your mount command, resolves to a mount target’s IP address.

  • You can control who can administer your file system using IAM.
  • You can control access to files and directories with POSIX-compliant user and group-level permissions.
  • POSIX permissions allow you to restrict access from hosts by user and group.
  • EFS Security Groups act as a firewall, and the rules you add define the traffic flow.

EFS encryption

EFS offers the ability to encrypt data at rest and in transit. Data encryption in transit uses industry-standard Transport Layer Security (TLS) 1.2 to encrypt data sent between your clients and EFS file systems.

  • Encryption keys are managed by the AWS Key Management Service (KMS).
  • Data encrypted at rest is transparently encrypted while being written and transparently decrypted while being read.
  • Enable encryption at rest in the EFS console or by using the AWS CLI or SDKs.
  • Encryption of data at rest and of data in transit can be configured together or separately to help meet your unique security requirements.

EFS File Sync

EFS File Sync provides a fast and simple way to sync existing file systems into Amazon EFS securely. It copies file data and file system metadata such as ownership, timestamps, and access permissions.

EFS File Sync copies files and directories into Amazon EFS at speeds up to 5x faster than standard Linux copy tools, with simple setup and management in the AWS Console. EFS File Sync securely and efficiently copies files over the internet or over an AWS Direct Connect connection.

EFS File Sync provides the following benefits:

  • Efficient high-performance parallel data transfer that tolerates unreliable and high-latency networks.

  • Encryption of data transferred from your IT environment to AWS.

  • Data transfer rate up to five times faster than standard Linux copy tools.

  • Full and incremental syncs for repetitive transfers.

The following diagram shows a comprehensive view of the EFS File Sync architecture:

Level up your interview prep. Join Educative to access 70+ hands-on prep courses.