Amazon FSx for Windows File Server makes it easy for you to launch and use Windows shared file storage for your Windows-based applications. Built on Windows Server, Amazon FSx provides fully managed Windows file servers with the compatibility, features, and performance that Windows-based applications rely on. With Amazon FSx, you can launch highly durable and available Windows file systems that can be accessed from up to thousands of compute instances using the industry-standard SMB protocol. Amazon FSx uses SSD storage to provide high levels of file system throughput and IOPS, and consistent sub-millisecond latencies.
Native Windows compatibility
Amazon FSx is built using Microsoft Windows Server and provides native Windows shared file storage, delivering the compatibility, features, and performance needed to run your applications. Amazon FSx provides NTFS file systems that can be accessed from up to thousands of compute instances using the SMB protocol (SMB 2.0 to 3.1.1). The service works with Microsoft Active Directory (AD) to integrate your file system with your existing Windows environments. Amazon FSx uses Distributed File System (DFS) Replication to support multi-AZ deployments. To ensure compatibility with your applications, Amazon FSx supports all Windows versions starting from Windows Server 2008 and Windows 7, and also current versions of Linux.
By supporting the SMB protocol, Amazon FSx can connect your file system to Amazon EC2, VMware Cloud on AWS, Amazon WorkSpaces, and Amazon AppStream 2.0 instances. Amazon FSx supports all Windows versions starting from Windows Server 2008 and Windows 7, and current versions of Linux. Amazon FSx also supports on-premises access via AWS Direct Connect or AWS VPN, and access from multiple VPCs, accounts, and regions using VPC Peering or AWS Transit Gateway.
Because Amazon FSx is a fully managed service, it’s simple to launch and use shared file storage for your Windows applications that run on AWS. In minutes, you can easily create Amazon FSx file systems to support your applications by using the AWS Management Console, AWS CLI, or AWS SDK. Amazon FSx sets up and provisions file servers and storage volumes, and eliminates much of the need for administrative overhead. Amazon FSx also takes care of routine Windows Server software updates.
Performance and scale
Built on SSD-storage, Amazon FSx is designed to deliver fast, predictable, and consistent performance. Amazon FSx provides up to 2 GB/s of throughput per file system, hundreds of thousands of IOPS, and consistent sub-millisecond latencies for file operations. To get the right performance for your workload, you can choose a throughput level that is independent of your file system size.
Amazon FSx provides storage of up to 64 TB per file system, and throughput of up to 2GB/s per file system. You can use DFS Namespaces to create shared common namespaces spanning multiple Amazon FSx file systems to scale-out storage and throughput. Each common namespace is capable of scaling out storage to hundreds of petabytes of data, and performance to tens of GB/s of throughput, and millions of IOPs.
Security and compliance
All Amazon FSx file system data is automatically encrypted at rest and in transit. Encryption of data at-rest uses keys managed with AWS Key Management Service (AWS KMS). Data is automatically encrypted before being written to the file system, and automatically decrypted as it is read. Amazon FSx automatically encrypts data-in-transit using SMB Kerberos session keys, when accessed from compute instances that support SMB protocol 3.0 or newer. This includes all Windows versions starting from Windows Server 2012 and Windows 8, and all Linux clients with Samba client version 4.2 or newer.
AWS has the longest-running compliance program in the cloud and is committed to helping customers navigate their requirements. Amazon FSx has been assessed to meet global and industry security standards. It complies with PCI DSS, ISO 9001, 27001, 27017, and 27018), and SOC 1, 2, and 3, in addition to being HIPAA eligible. That makes it easier for you to verify our security and meet your own obligations. For more information and resources, visit our compliance pages. You can also go to the Services in Scope by Compliance Program page to see a full list of services and certifications.
Amazon FSx supports identity-based authentication over SMB through Microsoft Active Directory (AD). When creating your Amazon FSx file system, you join it to your Microsoft AD -- either an AWS Managed Microsoft AD or your self-managed Microsoft AD. Your users can then use their existing AD-based user identities to authenticate themselves and access the Amazon FSx ﬁle system, and to control access to individual ﬁles and folders.
Amazon FSx supports Windows Access Control Lists (ACLs) for fine-grained file and folder access control. For network-level access control, you can use Amazon Virtual Private Cloud (Amazon VPC) security groups to control access to your Amazon FSx resources. Amazon FSx is integrated with AWS Identity and Access Management (IAM) to control the actions that your AWS IAM users and groups can take on specific Amazon FSx resources. Amazon FSx integrates with AWS CloudTrail to monitor and log administration actions.
You access your Amazon FSx file system from your Amazon VPCs. You can configure firewall settings and control network access to your Amazon FSx file systems using Amazon VPC Security Groups and VPC Network ACLs.
Availability and durability
To ensure high availability and durability, Amazon FSx automatically replicates your data within the Availability Zone (AZ) it resides in (which you specify during creation) to protect it from component failure, continuously monitors for hardware failures, and automatically replaces infrastructure components in the event of a failure.
To help ensure that your data is protected, Amazon FSx automatically takes highly durable, file-system consistent daily backups to S3. Amazon FSx uses the Volume Shadow Copy Service (VSS) to make your backups file system-consistent. You can take additional backups of your file system at any point.
You can set up replication and failover to another AWS AZ using Microsoft DFS Replication and Namespace features. DFS Replication allows you to automatically replicate data between two file systems, to a standby file system in a different AZ. DFS Namespace allows you to configure automatic failover to the standby in the event that the primary becomes unresponsive.
Pay only for what you use: You pay only for the resources you use, with no minimum commitments or up-front fees. You are billed hourly for your Amazon FSx file systems, based on your configured storage capacity (priced per GB-month) and throughput capacity (priced per MBps-month). You are billed hourly for your backup storage (priced per GB-month). For more details, see the Amazon FSx pricing page.
Amazon FSx for Windows File Server has simple pricing, you pay for the resources you use.
Instantly get access to the AWS Free Tier.
Get started building with FSx for Windows File Server in the AWS Console.