EBS volume encryption uses EC2 host hardware to encrypt data at rest and in-transit between EBS and EC2 instances.Continue reading “[AWS Architect] (41) EBS Encryption”
A snapshot is a point-in-time backup of an ESB Volume stored in S3.
- To protect against AZ failure, EBS snapshots (to S3) can be used.
- Snapshots are incremental. The initial snapshot is a full copy, and future ones only store the data changed since the last snapshot, which can reduce the storage cost.
- You can take a snapshot while the instance is running. When you back up a root volume, you need to stop the instance for data integrity.
- You can create an AMI from a snapshot.
- EBS volumes are in the same AZ of the EC2 instance.
Elastic Block Store (EBS) is a network-attached storage service that creates and manages persistent volumes.
- Volumes are persistent (removed and attached) and are replicated within a single AZ.
- You can change the EBS volume size and the storage type on the fly.
- EBS supports a maximum per-instance throughput of 1,750 MiB/s.
- EBS supports 80,000 IOPS per instance or 64,000 IOPS per volume.
- By default, EBS volumes are replicated within the AZ.
- Every EC2 instance must have a root volume, which may or may not be EBS (Elastic Block Store).
- By default, an EBS root volume will be deleted when the instance is terminated. You can change the setting to make EBS volumes persistent.
- You can attach additional EBS volumes to instances, and they are not deleted when the instance is terminated.