AWS Storage Services — S3, EBS, EFS, Glacier

Key Takeaways

• S3 provides 99.999999999% (11 nines) durability — the most durable storage in AWS
• S3 storage classes: Standard → Standard-IA → One Zone-IA → Glacier Instant → Glacier Flexible → Glacier Deep Archive (cost savings increase, retrieval time increases)
• EBS is AZ-locked; EFS spans multiple AZs; S3 is regional and globally accessible
• Use lifecycle policies to automatically transition objects between storage classes

Amazon S3 (Simple Storage Service)

Object storage for any amount of data at web scale. S3 is the foundation of AWS storage — buckets hold objects (data + metadata + unique ID), and every bucket has a globally unique name.

Interview Angle

Pre-signed URLs grant temporary access to private S3 objects without making the bucket public. Time-limited, user-specific — common exam pattern for secure file sharing.

S3 Storage Classes

Different classes optimize for access patterns and cost:

Class	Use Case	Retrieval
Standard	Frequent access, millisecond latency	Instant
Standard-IA	Infrequent access but need fast retrieval	Instant
One Zone-IA	Infrequent, single AZ, cost-optimized	Instant
Glacier Instant	Archive with instant retrieval	Instant
Glacier Flexible	Archive, can wait 3–5 hours	Minutes to hours
Glacier Deep Archive	Long-term archive, lowest cost	12+ hours

Interview Angle

Classic exam question: which S3 class for infrequently accessed data you need within milliseconds? Answer: S3 Standard-IA (not Glacier — retrieval takes minutes/hours).

Lifecycle Policies

Automate transitions between storage classes and set deletion rules. A common pattern: transition to Standard-IA after 30 days, Glacier after 90 days, delete after 365 days.

S3 Access Control

Bucket policies define bucket-level access. IAM policies control principal access. ACLs provide legacy object-level control. Pre-signed URLs grant temporary, time-limited access to private objects for specific users or applications.

Interview Angle

S3 encryption options: SSE-S3 (AWS manages keys), SSE-KMS (you control keys in KMS, audit trail via CloudTrail), SSE-C (you provide the key per request). Exam tests when to use each.

Encryption Options

• SSE-S3: AWS manages all keys. Simplest, no overhead.
• SSE-KMS: You control keys in AWS Key Management Service. CloudTrail logs all usage for compliance.
• SSE-C: You provide a key with every request. Highest control, your responsibility to manage key lifecycle.

Other S3 Features

Versioning keeps multiple versions of objects — great for accidental overwrites. Cross-Region Replication (CRR) and Same-Region Replication (SRR) automate object copies for disaster recovery and data locality.

Common Gotchas

• S3 buckets are private by default — “public access” must be explicitly enabled (and is blocked at account level by default)
• S3 is eventually consistent for overwrites/deletes (though now strongly consistent for most operations after 2020 update)

Amazon EBS (Elastic Block Store)

Persistent block-level storage attached to EC2 instances in the same AZ. EBS volumes are durable but AZ-bound — you cannot attach an EBS volume across AZs.

EBS Volume Types

Type	Use Case	Performance
gp2/gp3	General purpose, most workloads	3–16k IOPS
io1/io2	High I/O databases, transaction workloads	Up to 64k IOPS
st1	Throughput-optimized HDD for big data	500 Mbps
sc1	Cold HDD for archival, infrequent access	250 Mbps

EBS Snapshots

Point-in-time backups stored in S3 — but you can’t access them as S3 objects directly. Snapshots are incremental; only changed blocks are stored.

Common Gotchas

EBS snapshots are stored in S3 but you can’t access them as S3 objects directly. Restore a snapshot to create a new volume.

Amazon EFS (Elastic File System)

Managed file storage that mounts on multiple EC2 instances simultaneously. EFS scales automatically as files are added or removed, and spans multiple AZs for high availability.

Interview Angle

EBS = block storage, one EC2 at a time, AZ-bound. EFS = file storage, mount on multiple EC2s simultaneously, scales automatically. Pick EFS for shared storage across instances.

EFS Performance Modes

• General Purpose: Default for most workloads, lowest latency.
• Max I/O: Optimized for highly parallelized workloads, higher latencies but better throughput.

EFS Storage Classes

• Standard: For frequently accessed files.
• Infrequent Access: Lower cost, slightly higher retrieval latency — use lifecycle policies to auto-transition.

S3 Glacier and S3 Glacier Deep Archive

Low-cost archival storage for compliance and long-term retention. Glacier Flexible is for infrequent retrieval; Deep Archive is for “never touch again” backups.

Retrieval Options

Option	Time	Use Case
Expedited	1–5 minutes	Urgent retrieval
Standard	3–5 hours	Normal archival
Bulk	5–12 hours	Cost-optimized, batch jobs

Common Gotchas

Glacier retrieval is NOT instant — Expedited (1–5 min), Standard (3–5 hours), Bulk (5–12 hours). Plan accordingly for recovery scenarios.

Storage Comparison Cheat Sheet

Dimension	S3	EBS	EFS	Glacier
Type	Object	Block	File	Archive
Access	Web API	EC2 volume	Mount	Retrieval request
Scope	Regional/global	AZ-locked	Multi-AZ	Regional
Durability	99.999999999%	99.8–99.9%	High	99.999999999%
Cost	$	$$	$$ (multi-AZ)	$ (archival)
Use Case	Backups, data lake, CDN	Boot volumes, databases	Shared storage, NFS	Long-term retention

---

When to Choose

• S3: Everything that isn’t a database or boot volume. Backups, logs, static assets, data lakes.
• EBS: Boot volumes, databases needing low latency within a single AZ.
• EFS: Shared file storage for multiple EC2s (containers, NFS workloads, media processing).
• Glacier: Compliance archives, backups older than 90 days, “keep forever” data.