In this 10-Minute Tutorial, you will store your files in the cloud using Amazon EFS. You will create an Amazon EFS file system, launch a Linux virtual machine on Amazon EC2, mount the file system, create a file, terminate the instance, and delete the file system.

Everything done in this tutorial is Free Tier eligible.

Manage Your AWS Resources

Sign in to the Console

You can easily create a highly available and scalable network file system from the Amazon EFS console.


a. When you click here, the AWS Management Console will open in a new browser window, so you can keep this tutorial open. When this screen loads, enter your user name and password to get started. Then find EFS under Storage, and click to open the EFS Console.

(click to zoom)


b. In the Amazon EFS console, click Create file system.

(click to zoom)


c. If the Default VPC is not selected in the VPC dropdown field, select the dropdown arrow and select the Default VPC. Accept all the defaults in Step 1: Configure file system access and click Next Step.

(click to zoom)


d. Accept all the defaults in Step 2: Configure optional settings and click Next Step.

(click to zoom)


e. Accept all the defaults in Step 3: Review and create and click Create File System.

(click to zoom)

To access your file system, you mount the file system on an Amazon EC2 Linux-based instance. In this step, you will create and configure an Amazon EC2 instance.


a. Click here to open the Amazon EC2 console and click Launch Instance to create and configure your virtual machine.

(click to zoom)


b. With Amazon EC2, you can specify the software and specifications of the instance you want to use. In this screen, you are shown options to choose an Amazon Machine Image (AMI), which is a template that contains the software configuration (e.g. an operating system, an application server, and applications). 

From an AMI, you launch an instance, which is a copy of the AMI running as a virtual server in the cloud.

For this tutorial, find Amazon Linux AMI and click Select.

(click to zoom)


c. You will now choose an instance type. Instance types comprise of varying combinations of CPU, memory, storage, and networking capacity so you can choose the appropriate mix for your applications. For more information, see Amazon EC2 Instance Types.

The default option of t2.micro should already be checked. This instance type is covered within the Free Tier and offers enough compute capacity to tackle simple workloads. Click Review and Launch at the bottom of the page.

(click to zoom)


d. You can review the configuration, storage, tagging and security settings that have been selected for your instance. While you have the option to customize these settings, we recommend accepting the default values for this tutorial.

Click Launch at the bottom of the page.

(click to zoom)


e. On the next screen you will be asked to choose an existing key pair or create a new key pair. A key pair is used to log into your instance (just like your house key is used to enter your home).

Select Choose an existing key pair and select the key pair or select Create a new key pair and give it the name MyKeyPair. Next click the Download Key Pair button. Be sure to save the key pair in a safe location on your computer.

Windows users: We recommend saving your key pair in your user directory in a sub-directory called .ssh (ex. C:\user\{yourusername}\.ssh\MyKeyPair.pem).

Note: You can't use Windows Explorer to create a folder with a name that begins with a period unless you also end the folder name with a period. After you enter the name (.ssh.), the final period is removed automatically.

Mac/Linux users: We recommend saving your key pair in the .ssh sub-directory from your home directory (ex. ~/.ssh/MyKeyPair.pem).

Note: If you don't remember where you store your SSH private key (the file you are downloading), you won't be able to connect to your virtual machine.

After you have stored your key pair, click Launch Instances to start your Linux instance.

Note: It will take a few minutes to launch your instance.

(click to zoom)


f. Click View Instances on the next screen to view your instances and see the status of the instance you have just started.

(click to zoom)


g. Make note of the Public IP address of your AWS instance, you will need this to connect to the instance in Step 4 part c.

Note: If your instance is still starting up, the Public IP address may not be shown yet. The Instance State column will show you if the instance is running yet, and the Status Checks column will tell you if the instance has passed the 2 checks to make sure it is done provisioning. You can refresh these values by pressing the refresh button on the right just above the table.

(click to zoom)


h. Give your instance network access to the file system. With your instance selected, select Actions > Networking > Change Security Groups.

(click to zoom)


i. Select the checkbox for the default VPC security group and click Assign Security Groups.

Note: You should have two security groups checked, the launch-wizard-1 security group and the default VPC security group.

(click to zoom)

After launching your Amazon EC2 instance, it's time to connect to it.

Windows users: Select Windows below to see instructions for installing Git Bash.

Mac/Linux users: Select Mac / Linux below to see instructions for opening a terminal window.

  • Windows

    a. Download Git for Windows here. Run the downloaded installer accepting the default settings (this will install Git Bash as part of Git).

    (click to zoom)


    b. Right click on your desktop (not on an icon or file) and select Git Bash Here to open a Git Bash command prompt.

    (click to zoom)

  • Mac / Linux

    Your Mac or Linux computer most likely includes an SSH client by default. You can check for an SSH client by typing ssh at the command line. If your computer doesn't recognize the command, the OpenSSH project provides a free implementation of the full suite of SSH tools that you can download.

    a. Mac users: Open a terminal window by pressing Command + Space and typing terminal in the search window. Then press enter to open the terminal window.

    Linux users: Open a terminal window.

    (click to zoom)


    b. Use the chmod command to make sure your private key file is not publicly viewable by entering the following command: chmod 400 ~/.ssh/mykeypair.pem to restrict permissions to your private SSH key.

    Note: You do not need to do this every time you connect to you instance, you only need to set this once per SSH key that you have.

    (click to zoom)


c. Use SSH to connect to your instance. In this case the user name is ec2-user, the SSH key is stored in the directory we saved it to in step 2 part d, and the IP address is from step 2 part f. The format is ssh -i {full path of your .pem file} ec2-user@{instance IP address}.

Windows users: Enter ssh -i 'c:\Users\yourusername\.ssh\MyKeyPair.pem' ec2-user@{IP_Address} (ex. ssh -i 'c:\Users\adamglic\.ssh\MyKeyPair.pem' [email protected])

Mac/Linux users: Enter ssh -i ~/.ssh/MyKeyPair.pem ec2-user@{IP_Address} (ex. ssh -i ~/.ssh/MyKeyPair.pem [email protected])

Note: if you started a Linux instance that isn't Amazon Linux, there may by a different user name that is used. common user names include ec2-user, root, ubuntu, and fedora. If you are unsure what the login user name is, check with your AMI provider.

You'll see a response similar to the following:

The authenticity of host 'ec2-198-51-100-1.compute-1.amazonaws.com (10.254.142.33)' can't be established. RSA key fingerprint is 1f:51:ae:28:df:63:e9:d8:cf:38:5d:87:2d:7b:b8:ca:9f:f5:b1:6f. Are you sure you want to continue connecting (yes/no)?

Type yes and press enter.

(click to zoom)


You'll see a response similar to the following:

Warning: Permanently added 'ec2-198-51-100-1.compute-1.amazonaws.com' (RSA) to the list of known hosts.

You should then see the welcome screen for your instance and you are now connected to your AWS Linux virtual machine in the cloud.

(click to zoom)

To access your file system, you mount the file system using the standard Linux mount command and the file system’s DNS name. Once you’ve mounted, you can work with the files and directories in your file system just like you would with a local file system. Amazon EFS uses the NFSv4.1 protocol.


a. Click here to open the Amazon EFS console and then select the radio button next to your file system to display the details.


b. Select the Amazon EC2 mount instructions link.

(click to zoom)


c. From the Amazon EC2 mount instructions window you can read through the Setting up your EC2 instance section. This section walks you through the steps to install the nfs client onto your EC2 instance. The nfs client is already installed on the EC2 instance you launched so you can move down to the next step.

(click to zoom)


d. Create a new directory on your instance by copying the sudo mkdir efs command.

(click to zoom)


e. Paste and run the sudo mkdir efs command in your SSH window.

(click to zoom)


f. Go back to the Amazon EC2 mount instructions window. Mount your file system as your new directory.

Copy the entire sudo mount –t nfs4… command.

Click Close at the bottom of the window.

(click to zoom)


g. Paste and run the entire sudo mount –t nfs4… command in your SSH window.

(click to zoom)


h. Verify your file system has been successfully mounted by running the following command: 

df -h 

(click to zoom)


i. Create a test file in your new file system by running a simple dd command to generate a 1GiB file in your new directory. Run the following dd command in your SSH window:

sudo dd if=/dev/zero of=~/efs/1GiB bs=1M count=1024 status=progress

You can easily terminate your virtual machine and file system from the AWS Management Console. In fact, it is a best practice to terminate the resources you are no longer using so you don’t keep getting charged for them.


a. First, you will terminate your Amazon EC2 instance. Click here to open the Amazon EC2 console, select the box next to the instance you created. Then click the Actions button, navigate to Instance State, and click Terminate.

You will be asked to confirm your termination - select Yes, Terminate.

Note: This process can take several seconds to complete. Once your instance has been terminated, the Instance State will change to terminated on your EC2 Console.

(click to zoom)


b. You will now delete your file system from the Amazon EFS console. Click here to open the Amazon EFS console, select the radio button next to the file system you created. Then click the Actions button, and click Delete file system.

Confirm you want to delete the file system by typing in the File System ID in the text box. Click Delete File System.

(click to zoom)

Congratulations! You have created your first network file system in the cloud. Amazon EFS is a simple, scalable shared file system that grows and shrinks automatically as you add and remove files, and you only pay for the amount of storage you are using.

Now that you have learned to create a network file system using Amazon EFS from the management console, dive deeper into Amazon EFS by watching an AWS Online Tech Talk. Watch the Deep Dive on Amazon EFS >>