Amazon EBS (Elastic Block Store)
EBS provides persistent block storage volumes for EC2 instances. Data persists independently of the instance lifecycle.
EBS Volume Types
| Type | Name | IOPS | Throughput | Use Case |
|---|---|---|---|---|
| gp3 | General Purpose SSD | 3,000-16,000 | 125-1,000 MB/s | Most workloads |
| gp2 | General Purpose SSD | Up to 16,000 | Up to 250 MB/s | Legacy default |
| io2 | Provisioned IOPS SSD | Up to 64,000 | Up to 1,000 MB/s | Databases |
| st1 | Throughput HDD | 500 | 500 MB/s | Big data, logs |
| sc1 | Cold HDD | 250 | 250 MB/s | Infrequent access |
Creating and Attaching Volumes
```bash
# Create a volume
aws ec2 create-volume \
  --volume-type gp3 \
  --size 50 \
  --availability-zone us-east-1a \
  --tag-specifications 'ResourceType=volume,Tags=[{Key=Name,Value=nextgen-data}]'

# Attach to an instance
aws ec2 attach-volume \
  --volume-id vol-0123456789abcdef0 \
  --instance-id i-0123456789abcdef0 \
  --device /dev/xvdf
```
Formatting and Mounting (on the instance)
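```bash
# Check the device (on Nitro-based instances it appears as /dev/nvme1n1 or similar;
# use the name lsblk reports in the commands below)
lsblk

# Create filesystem (new, empty volumes only: mkfs erases existing data,
# so skip this step for a volume restored from a snapshot)
sudo mkfs -t ext4 /dev/xvdf

# Create mount point
sudo mkdir /data

# Mount the volume
sudo mount /dev/xvdf /data

# Persist across reboots (add to fstab)
echo '/dev/xvdf /data ext4 defaults,nofail 0 2' | sudo tee -a /etc/fstab

# Verify
df -h /data
```
EBS Snapshots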
Snapshots are point-in-time backups of EBS volumes stored in S3.
```bash
# Create a snapshot
aws ec2 create-snapshot \
  --volume-id vol-0123456789abcdef0 \
  --description "NextGen data backup $(date +%Y-%m-%d)"

# List snapshots
aws ec2 describe-snapshots \
  --owner-ids self \
  --query 'Snapshots[*].[SnapshotId,VolumeId,StartTime,State]' \
  --output table

# Create volume from snapshot (restore)
aws ec2 create-volume \
  --snapshot-id snap-0123456789abcdef0 \
  --volume-type gp3 \
  --availability-zone us-east-1a

# Delete old snapshots
aws ec2 delete-snapshot --snapshot-id snap-0123456789abcdef0
```
Automated Snapshots
Use AWS Data Lifecycle Manager for scheduled snapshots:
```bash
aws dlm create-lifecycle-policy \
  --description "Daily snapshots, retain 7 days" \
  --state ENABLED \
  --execution-role-arn arn:aws:iam::123456789012:role/AWSDataLifecycleManagerDefaultRole \
  --policy-details '{
    "PolicyType": "EBS_SNAPSHOT_MANAGEMENT",
    "ResourceTypes": ["VOLUME"],
    "TargetTags": [{"Key": "Backup", "Value": "true"}],
    "Schedules": [{
      "Name": "DailyBackup",
      "CreateRule": {"Interval": 24, "IntervalUnit": "HOURS"},
      "RetainRule": {"Count": 7}
    }]
  }'
```
Elastic IPs
Elastic IPs are static public IPv4 addresses that you can associate with EC2 instances.
Why Elastic IPs?
| Without EIP | With EIP |
|---|---|
| IP changes on stop/start | IP stays the same |
| DNS records break | DNS always resolves |
| Can't pre-configure firewalls | Stable firewall rules |
Managing Elastic IPs
```bash
# Allocate an Elastic IP
aws ec2 allocate-address --domain vpc

# Associate with an instance
aws ec2 associate-address \
  --instance-id i-0123456789abcdef0 \
  --allocation-id eipalloc-0123456789abcdef0

# Disassociate
aws ec2 disassociate-address \
  --association-id eipassoc-0123456789abcdef0

# Release (free the IP)
aws ec2 release-address \
  --allocation-id eipalloc-0123456789abcdef0
```
Important Notes
- You're charged for Elastic IPs that are not associated with a running instance
- Limit of 5 EIPs per region (can request increase)
- Use DNS (Route 53) instead of EIPs when possible for better flexibility
EBS Best Practices
| Practice | Reason |
|---|---|
| Use gp3 over gp2 | Better price/performance |
| Enable encryption | Data security at rest |
| Regular snapshots | Disaster recovery |
| Right-size volumes | Cost optimization |
| Monitor with CloudWatch | Performance visibility |
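The checks below are an added example, not code from the original page: they audit the JSON from `aws ec2 describe-volumes --output json` against this page's practices (encryption, gp3 over gp2) and against the `Backup=true` tag that the Data Lifecycle Manager policy on this page targets. The volume IDs and tags in `SAMPLE` are constructed, and `audit_volumes` is a hypothetical helper name.

```python
import json

# Constructed sample of `aws ec2 describe-volumes --output json` (not real resources).
SAMPLE = json.loads("""
{"Volumes": [
  {"VolumeId": "vol-0aaaaaaaaaaaaaaa1", "VolumeType": "gp3", "Encrypted": true,
   "Tags": [{"Key": "Name", "Value": "nextgen-data"}, {"Key": "Backup", "Value": "true"}]},
  {"VolumeId": "vol-0bbbbbbbbbbbbbbb2", "VolumeType": "gp2", "Encrypted": false,
   "Tags": [{"Key": "Name", "Value": "legacy-root"}]},
  {"VolumeId": "vol-0ccccccccccccccc3", "VolumeType": "gp3", "Encrypted": false,
   "Tags": [{"Key": "Backup", "Value": "True"}]},
  {"VolumeId": "vol-0ddddddddddddddd4", "VolumeType": "io2", "Encrypted": true}
]}
""")


def audit_volumes(doc, tag_key="Backup", tag_value="true"):
    """Return {volume_id: [findings]} for volumes that miss one of the practices."""
    report = {}
    for vol in doc.get("Volumes", []):
        findings = []
        # Encryption at rest: flag volumes where Encrypted is false or missing.
        if not vol.get("Encrypted", False):
            findings.append("unencrypted")
        # The Tags key is omitted entirely when a volume has no tags.
        tags = {t["Key"]: t["Value"] for t in vol.get("Tags") or []}
        # Tag keys and values are case-sensitive, so "True" does not match the
        # policy's "true" and the volume would get no scheduled snapshots.
        if tags.get(tag_key) != tag_value:
            findings.append("not-covered-by-snapshot-policy")
        # gp2 is the legacy default; the page recommends gp3.
        if vol.get("VolumeType") == "gp2":
            findings.append("gp2")
        if findings:
            report[vol["VolumeId"]] = findings
    return report


if __name__ == "__main__":
    for vol_id, findings in audit_volumes(SAMPLE).items():
        print(vol_id, ", ".join(findings))
```

To run it against an account, save the CLI output to a file and pass `json.load(open(path))` to `audit_volumes` in place of `SAMPLE`.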
```bash
# Enable encryption by default for new volumes
# (this is a per-Region setting; run it in every Region you use)
aws ec2 enable-ebs-encryption-by-default

# Create encrypted volume
aws ec2 create-volume \
  --volume-type gp3 \
  --size 100 \
  --encrypted \
  --availability-zone us-east-1a
```
Summary
You've learned:
- EBS volume types and their performance characteristics
- Creating, attaching, and mounting EBS volumes
- Snapshot management for backups and recovery
- Elastic IP allocation and association
- Best practices for storage and networking
Next Steps
Next, we'll monitor EC2 instances and set up alarms with Amazon CloudWatch.