Contact

AWS Elastic Block Store(EBS)

Think of EBS as the virtual, high-performance hard drive for your EC2 instances. It’s not just a single product; it’s a whole family of services that provide persistent, block-level storage. We’ll explore its core components: volumes, snapshots, encryption, and the advanced Multi-Attach feature.

What is Amazon EBS?

Think of AWS EBS (Elastic Block Store) like a super-powered external hard drive for computers in the cloud.

You know how you might plug in a USB drive or external hard disk to your laptop to store more files? EBS works similarly, but for virtual computers that Amazon runs in their data centers.

EBS is like a storage locker that you can attach to any computer running on Amazon’s cloud service (AWS). Just like you can unplug a USB drive from one computer and plug it into another, you can detach EBS storage from one virtual computer and attach it to a different one.

Why it’s useful

  • Flexibility – You can make your storage bigger or smaller as needed, like having a magical hard drive that grows when you need more space
  • Reliability – Amazon automatically makes backup copies so your data doesn’t disappear if something breaks
  • Speed options – You can choose between cheaper, slower storage (like a regular hard drive) or faster, more expensive storage (like an SSD)

Imagine you’re running an online store. During the holidays, you might need more storage space for customer data and orders. With EBS, you can instantly add more storage space without buying new hardware or shutting down your store.

The “Elastic” part means it stretches and shrinks based on what you need – kind of like elastic waistbands that adjust to fit you perfectly!

Amazon Ebs Volumes

An Amazon EBS volume is a durable, block-level storage device that you can attach to your instances. After you attach a volume to an instance, you can use it as you would use a physical hard drive. EBS volumes are flexible. For current-generation volumes attached to current-generation instance types, you can dynamically increase size, modify the provisioned IOPS capacity, and change volume type on live production volumes.

You can use EBS volumes as primary storage for data that requires frequent updates, such as the system drive for an instance or storage for a database application. You can also use them for throughput-intensive applications that perform continuous disk scans. EBS volumes persist independently from the running life of an EC2 instance.

You can attach multiple EBS volumes to a single instance. The volume and instance must be in the same Availability Zone. Depending on the volume and instance types, you can use Multi-Attach to mount a volume to multiple instances at the same time.

Types of EBS Volumes
General Purpose SSD (gp3 and gp2)

General Purpose SSD volumes are the most commonly used EBS type, designed to provide a balance between cost and performance. The older generation gp2 automatically scales IOPS based on volume size, whereas the newer gp3 lets you provision IOPS and throughput independently from the volume size, making it more cost-efficient. These volumes are well-suited for applications like boot volumes, small to medium databases, and development environments where predictable performance and low latency are required. They are the default choice for most workloads because they provide a good mix of performance and affordability.

Provisioned IOPS SSD (io2 and io1)

Provisioned IOPS SSD volumes are built for mission-critical workloads that demand consistently high performance and very low latency. Unlike general-purpose volumes, these allow you to provision the exact number of IOPS you need, regardless of the storage size. The newer io2 volumes provide higher durability and better performance per GB compared to io1, making them ideal for large transactional databases like Oracle, SQL Server, or high-performance NoSQL databases. If your application requires predictable performance at scale and cannot afford downtime or inconsistent response times, provisioned IOPS SSD volumes are the right fit.

Throughput Optimized HDD (st1) – Best for Big Data Workloads

The Throughput Optimized HDD (st1) volume type offers affordable Amazon EBS storage for workloads that need high sequential read and write speeds. Unlike SSD volumes, st1 relies on magnetic storage and delivers throughput rather than IOPS. It works best for big data analytics, log processing, ETL jobs, and data warehouses, where large files move in sequence. St1 does not perform well with random I/O, so it is not a good fit for transactional databases or low-latency applications. Choose st1 if your workload requires scalable, sequential data processing at a lower cost.

Cold HDD (sc1) – Lowest Cost Storage for Infrequent Access

The Cold HDD (sc1) volume type is the cheapest Amazon EBS option. It is designed for workloads that need large storage capacity but infrequent access. Compared to st1, sc1 provides lower throughput and less performance, which makes it ideal for archival data, backups, and compliance storage. Many businesses rely on sc1 to keep logs or records that must stay available for years but are rarely accessed. Although it offers excellent savings, sc1 is not suitable for latency-sensitive or performance-heavy workloads. If cost is your top priority for storing cold data, sc1 is the right choice.

Magnetic (Standard) – Previous Generation EBS Volumes

The Magnetic (Standard) EBS type was the first storage option offered by AWS. It provides basic, low-cost storage, but its performance can be variable and inconsistent. Over time, AWS introduced gp3, st1, and sc1 as stronger alternatives that deliver better reliability, speed, and efficiency. Magnetic volumes now fall under previous generation storage and remain in use mainly for legacy systems. For modern workloads, AWS recommends switching to newer storage types because they ensure predictable performance and better long-term value.

Amazon EBS snapshots

You can back up the data on your Amazon EBS volumes by making point-in-time copies, known as Amazon EBS snapshots. A snapshot is an incremental backup, which means that we save only the blocks on the volume that have changed since the most recent snapshot. This minimizes the time required to create the snapshot and saves on storage costs by not duplicating data.

Snapshots are stored in Amazon S3, in S3 buckets that you can’t access directly. You can create and manage your snapshots using the Amazon EC2 console or the Amazon EC2 API. You can’t access your snapshots using the Amazon S3 console or the Amazon S3 API.

Snapshot data is automatically replicated across all Availability Zones in the Region. This provides high availability and durability for snapshot data, and enables you to restore volumes in any Availability Zones in that Region.

Each snapshot contains all of the information that is needed to restore your data (from the moment when the snapshot was taken) to a new EBS volume. When you create an EBS volume from a snapshot, the new volume begins as an exact replica of the volume that was used to create the snapshot.

Amazon EBS encryption

Use Amazon EBS encryption as a straight-forward encryption solution for your Amazon EBS resources associated with your Amazon EC2 instances. With Amazon EBS encryption, you aren’t required to build, maintain, and secure your own key management infrastructure. Amazon EBS encryption uses AWS KMS keys when creating encrypted volumes and snapshots.

Encryption operations occur on the servers that host EC2 instances, ensuring the security of both data-at-rest and data-in-transit between an instance and its attached EBS storage.

You can attach both encrypted and unencrypted volumes to an instance simultaneously. All Amazon EC2 instance types support Amazon EBS encryption.

You encrypt EBS volumes by enabling encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt.

When you encrypt a volume, you can specify the symmetric encryption KMS key to use to encrypt the volume. If you do not specify a KMS key, the KMS key that is used for encryption depends on the encryption state of the source snapshot and its ownership

EBS Multi-Attach

Amazon EBS Multi-Attach enables you to attach a single Provisioned IOPS SSD (io1 or io2) volume to multiple instances that are in the same Availability Zone. You can attach multiple Multi-Attach enabled volumes to an instance or set of instances. Each instance to which the volume is attached has full read and write permission to the shared volume. Multi-Attach makes it easier for you to achieve higher application availability in applications that manage concurrent write operations.

Considerations and limitations

Supported volume types and operating systems

Multi-Attach works only with Provisioned IOPS SSD volumes. Linux supports both io1 and io2 for Multi-Attach, while Windows supports io2 only. If you’re starting fresh, prefer io2 because it offers better durability, broader regional support, and more robust coordination features. AWS Documentation

Instance and Availability Zone constraints

You can connect up to 16 Nitro-based instances to a single Multi-Attach enabled volume, and every one of those instances must run in the same AZ as the volume. Some newer Nitro instances that use SRD networking require io2 for Multi-Attach; io1 Multi-Attach isn’t supported on those specific instance types. AWS Documentation

File system and data consistency expectations

A standard single-writer file system—like EXT4 or XFS configured for a lone host—doesn’t safely handle multiple writers. In production, pair Multi-Attach with a cluster-aware file system or a distributed lock manager so you serialize metadata updates and avoid corruption. Popular choices include GFS2 or OCFS2, which coordinate access across nodes. AWS DocumentationAmazon Web Services, Inc.

I/O fencing, reservations, and write ordering

With io2, Multi-Attach supports I/O fencing via NVMe reservations, which helps you control which nodes may write and when—a key guardrail for consistency. Your application must still enforce write ordering and failover rules; the platform won’t manage that logic for you. io1 Multi-Attach does not support I/O fencing, so plan coordination carefully if you must use it. AWS Documentation

Performance model and throughput sharing

Each attached instance can drive I/O up to its own EC2 limit, but the aggregate of all instances can’t exceed the volume’s provisioned IOPS/throughput. If two or more instances push I/O at once, they share the same ceiling. For steadier performance, distribute I/O across the volume’s address space rather than hammering the same hot ranges. AWS Documentation

Lifecycle operations and modification limits

You can enable Multi-Attach at creation time for io1 or io2. After creation, only io2 volumes can have Multi-Attach turned on, and only while detached. You can’t flip Multi-Attach during instance launch, and you can’t use Multi-Attach volumes as boot volumes. Modification is limited too: with io2, you can change size and provisioned IOPS later; with io1, most modifications aren’t supported once Multi-Attach is enabled. AWS Documentation+1

Delete-on-termination and failure behavior

When multiple instances attach the same volume, the last attached instance’s delete-on-termination setting decides whether AWS deletes the volume as the final instance terminates. Align this setting across all instances to avoid accidental data loss or orphaned storage. Also note that a volume-level issue in EBS makes the device unavailable to all attached instances, while a problem at a single EC2 node or its network path affects only that node. AWS Documentation

Monitoring and metrics visibility

Use Amazon CloudWatch to monitor Multi-Attach volumes, but remember that EBS metrics are aggregated at the volume, not per attached instance. If you need per-node visibility, instrument the OS and application on each instance alongside the shared volume metrics. AWS Documentation

When Multi-Attach fits—and when it doesn’t

Multi-Attach shines in clustered applications that coordinate access to a shared block device for fast failover and active-active patterns. It’s not the right tool for traditional single-host file systems or applications that can’t implement locking, fencing, and write ordering. In those cases, pick a higher-level shared store, such as a managed file system or a database designed for multi-writer semantics

Benifits of EBS

1. Persistence and Durability

Unlike an instance store, an EBS volume’s data persists even if the EC2 instance it’s attached to is stopped or terminated. This makes it the ideal choice for storing your operating system, databases, and any critical application data. Additionally, AWS automatically replicates your data within a single Availability Zone to protect against hardware failure, offering high durability.

2. High Availability and Performance

EBS volumes are designed for high availability. They’re automatically replicated within their Availability Zone, ensuring your data is accessible and resilient to component failure. You can also choose from a variety of volume types (e.g., SSD or HDD) optimized for different performance characteristics, like high IOPS for databases or high throughput for big data analytics.

3. Scalability and Flexibility

EBS volumes are highly scalable. You can easily increase the size and adjust the performance of your volumes as your needs change without any downtime. You can also detach a volume from one instance and attach it to another in the same Availability Zone, giving you the flexibility to move data and reconfigure your environment.

4. Security and Backups

EBS offers robust security features. You can encrypt your volumes and their snapshots, with all data-at-rest and in-transit automatically protected. EBS encryption uses AWS Key Management Service (KMS), making the process seamless. For backups, you can create point-in-time snapshots of your volumes. These snapshots are incremental, meaning they only save the data that has changed since the last backup, saving you time and money.

EBS Best Practices

Default to EBS GP3 Volumes

You should default to GP3 volumes, and only use the other volume types if you have a specific use case, or you know you need more performance. Here’s a guide to benchmark EBS volumes.

Use EBS-optimized instances for higher performance

EC2 Instance families have a limit on performance with EBS volumes, which is independent of the EBS volume itself. If you need high performance, it may not be enough to just use a better EBS volume such as IO2. You’ll also need to look into whether your EC2 instances support that level of performance, and possibly use EC2 instances that are Storage Optimized.

EBS performance is also limited by instance size. You can use the EBSIOBalance% and EBSByteBalance% metrics in CloudWatch to help you determine whether your instances are sized correctly. Instances with a consistently low balance percentage should be increased in size, and instances where the balance percentage never drops below 100% should be reduced in size.

Use EC2 Instance Store for extreme performance

If you need extreme performance, you’ll need to use EC2 Instance Store. It’s ephemeral (that means non-permanent) block storage with a much higher performance than EBS. The main disadvantages are the pricing (you need an EC2 instance of a special family, which isn’t cheap) and the fact that data is lost if the instance is stopped or terminated.

Encrypt your EBS Volumes

This comes at no cost and no performance hit to you, so it should be a no brainer. First, you should enable Encryption by Default, so all future EBS volumes are created with encryption. Then you should encrypt existing EBS volumes by creating a snapshot of them, encrypting that snapshot and creating a new volume from the encrypted snapshot.

Migrate GP2 volumes to GP3

GP3 volumes can do anything that GP2 volumes can, and they’re 20% cheaper. Here’s a guide to migrate your existing GP2 volumes to GP3.

Conclusion

Amazon EBS is a foundational storage service that powers countless workloads on AWS. By understanding volumes, snapshots, encryption, and multi-attach, you can design highly available, secure, and cost-effective storage solutions tailored to your applications.

Whether you’re running a production-grade database, a scalable web app, or a big data pipeline, EBS provides the durability, flexibility, and performance needed to keep your applications running smoothly.