AWSGlossary

Amazon FSx: What It Is and When to Use It

Definition

Amazon FSx is a family of four fully managed high-performance file systems that let you run feature-rich, familiar file storage technologies on AWS without the operational overhead of running them yourself. The four flavors — FSx for NetApp ONTAP, FSx for OpenZFS, FSx for Windows File Server, and FSx for Lustre — each expose a different protocol and feature set tuned for a specific workload type. While Amazon EFS covers general-purpose Linux NFS needs, FSx is how AWS supports enterprise Windows shares, multi-protocol NAS, ZFS-specific features (snapshots, clones), and the extreme throughput demanded by HPC and ML training. On exams and in real architectures, FSx is almost always the right answer when the workload mentions Windows, Active Directory, Lustre, ONTAP/SnapMirror, or ZFS.

How It Works

Each FSx flavor is a separate service, but they share a common management model: you create a file system in one or more subnets of your VPC, pick storage type and throughput capacity, and clients mount it over standard protocols.

  • FSx for NetApp ONTAP — exposes NFSv3/v4, SMB, and iSCSI from a managed ONTAP cluster with NetApp features (SnapMirror, FlexClone, deduplication, compression, capacity-pool tiering). Ideal for lift-and-shift of NetApp workloads and multi-protocol environments.
  • FSx for OpenZFS — NFSv3/v4.1/v4.2 with ZFS-native snapshots, instant clones, and compression. SSD-backed with very low latency.
  • FSx for Windows File Server — managed Windows Server with SMB 2/3, NTFS, DFS Namespaces, Active Directory integration, and shadow copies.
  • FSx for Lustre — managed Lustre parallel file system for HPC and ML, with hundreds of GB/s throughput. Offers scratch (ephemeral) and persistent (durable) deployments. Tight S3 integration imports/exports data between buckets and Lustre.

All four integrate with AWS Backup, CloudWatch, KMS encryption, VPC security groups, and Route 53 DNS.

Key Features and Limits

Protocols and features by flavor

| Flavor | Protocol(s) | Multi-AZ | Backing | Max throughput | Typical use | | --- | --- | --- | --- | --- | --- | | FSx for NetApp ONTAP | NFSv3/v4, SMB, iSCSI | Yes | SSD + capacity pool (tiered) | Up to 4 GB/s | Hybrid enterprise NAS, SnapMirror, multi-protocol | | FSx for OpenZFS | NFSv3/v4.1/v4.2 | Yes (Multi-AZ deployment) | SSD | Up to 21 GB/s (Scale-Out) | Latency-sensitive Linux NFS, ZFS snapshots/clones | | FSx for Windows File Server | SMB 2/3 (via Kerberos) | Yes | SSD or HDD | Up to 3 GB/s | Windows shares, Active Directory integration | | FSx for Lustre | Lustre (POSIX, parallel) | Persistent only | SSD, HDD | Hundreds of GB/s | HPC, ML training, media rendering |

Common features

  • Encryption at rest via KMS; in transit via Kerberos (Windows), NFS over TLS (ONTAP), or Lustre's internal channels.
  • AWS Backup integration for policy-driven snapshots.
  • Multi-AZ deployments (ONTAP, OpenZFS, Windows) replicate synchronously across two AZs with automatic failover.
  • Storage capacity from 32 GiB (Windows) up to hundreds of TiB; ONTAP capacity pool scales to petabytes.
  • Access from anywhere in VPC — EC2, ECS, EKS, Lambda (via VPC), on-prem over VPN/Direct Connect.
  • Deduplication and compression (ONTAP, OpenZFS) reduce physical storage cost.
  • Lustre S3 integration — a Data Repository Association (DRA) lazily hydrates from an S3 prefix and exports changes back.

Common Use Cases

  1. Windows file shares — home drives, department shares, and legacy apps needing SMB + NTFS + AD.
  2. Hybrid NAS with SnapMirror — replicating on-prem NetApp volumes into AWS via FSx for NetApp ONTAP.
  3. Latency-sensitive Linux workloads — FSx for OpenZFS for sub-millisecond NFS with ZFS snapshots.
  4. HPC and ML training — FSx for Lustre next to GPU fleets, lazily hydrating petabytes from S3.
  5. Media rendering farms — Lustre scratch for video processing, CGI, or genomics pipelines.
  6. Database backup staging — ONTAP Multi-AZ with deduplication and SnapMirror replication.

Pricing Model

Each flavor prices differently:

  • FSx for NetApp ONTAP — per GB-month SSD primary storage + much cheaper capacity-pool tier + provisioned throughput capacity + backup storage.
  • FSx for OpenZFS — per GB-month SSD storage, provisioned throughput, optional provisioned IOPS, and snapshots.
  • FSx for Windows File Server — per GB-month (SSD 6–7× the HDD rate), throughput capacity, backups. Multi-AZ roughly doubles storage cost.
  • FSx for Lustre — per GB-month scratch or persistent storage, by storage type (SSD / HDD) and throughput tier (50, 100, 200, 500, or 1000 MB/s/TiB).

All flavors also incur AWS Backup storage, inter-AZ data transfer (Multi-AZ), and internet egress. Use capacity-pool tiering (ONTAP) or HDD (Windows/Lustre) to cut cost on cold data.

Pros and Cons

Pros

  • Feature-parity with industry-standard file systems (ONTAP, ZFS, Windows, Lustre) without the operational burden.
  • Integrated with AWS Backup, KMS, CloudWatch, AD/IAM, VPC networking.
  • Multi-AZ options for business continuity.
  • Lustre delivers HPC-grade throughput with S3 hydration.
  • Tight integration with specific on-prem workloads lets you migrate with minimal refactoring.

Cons

  • More expensive per GB than EFS or S3.
  • Provisioning model — you pick throughput capacity up front (except ONTAP's adaptive option).
  • Each flavor has its own operational model; cross-flavor knowledge doesn't always transfer.
  • Lustre scratch file systems are ephemeral — losing an AZ loses the data.
  • Windows and ONTAP require AD configuration that can be tricky for greenfield AWS-only shops.

Comparison with Alternatives

| Need | Best FSx flavor | Non-FSx alternative | | --- | --- | --- | | Shared Linux NFS | OpenZFS (low latency) | EFS (serverless, elastic) | | Windows SMB shares | Windows File Server | Self-managed Windows on EC2 | | Multi-protocol + hybrid | NetApp ONTAP | Third-party NetApp on EC2 | | HPC / ML training | Lustre | EFS (lower throughput) | | ZFS features | OpenZFS | Self-managed ZFS on EC2 | | Object storage | n/a | S3 |

For vanilla Linux shared file storage, EFS is usually the simpler, cheaper choice; pick FSx when you specifically need SMB, Lustre, ONTAP, or ZFS capabilities.

Exam Relevance

  • Solutions Architect Associate (SAA-C03) — map workload hints to FSx flavors: "Windows" + "Active Directory" → FSx for Windows; "HPC" or "ML training with high throughput" → FSx for Lustre; "SnapMirror" or "multi-protocol NAS" → FSx for NetApp ONTAP; "ZFS features" → FSx for OpenZFS.
  • Solutions Architect Professional (SAP-C02) — Multi-AZ deployments, cross-Region DR with FSx + AWS Backup, tiering strategies.
  • SysOps Administrator (SOA-C02) — throughput capacity tuning, AWS Backup plans, AD integration, CloudWatch monitoring.

Classic exam trap: "Linux + NFS" questions often point to EFS (simpler, serverless), not FSx. Pick FSx only when the scenario names a specific non-EFS capability (Windows AD, Lustre parallel I/O, NetApp features, ZFS snapshots).

Frequently Asked Questions

Q: What is the difference between Amazon FSx and Amazon EFS?

A: EFS is a single serverless NFSv4 filesystem purpose-built for Linux workloads — elastic capacity, pay per GB, simple. FSx is a family of four managed file systems with different protocols and features: FSx for Windows File Server (SMB + AD), FSx for NetApp ONTAP (multi-protocol + NetApp features), FSx for OpenZFS (ZFS semantics, low latency), and FSx for Lustre (HPC throughput). Choose EFS for generic Linux NFS; choose the right FSx flavor when you need a specific capability EFS lacks.

Q: Which FSx flavor should I use for machine-learning training workloads?

A: Amazon FSx for Lustre. It delivers hundreds of GB/s of aggregate throughput and sub-millisecond latency, ideal for feeding GPU clusters. Use the scratch deployment type for ephemeral training data you can rehydrate from S3, or the persistent deployment type when you need durable storage. Lustre's S3 integration lets you lazily hydrate from a bucket and export results back, making it straightforward to pair with Amazon S3 data lakes.

Q: Does FSx for Windows File Server integrate with Active Directory?

A: Yes. FSx for Windows File Server supports both AWS Managed Microsoft AD and self-managed Active Directory (on-prem AD reachable via Direct Connect or VPN, or an AD you run on EC2). Once joined, the file system honors NTFS ACLs, Kerberos authentication, DFS Namespaces, and shadow copies — a drop-in replacement for a Windows file server managed by your enterprise AD.

This article reflects AWS features and pricing as of 2026. AWS services evolve rapidly — always verify against the official Amazon FSx documentation before making production decisions.

Published: 4/17/2026

This article is for informational purposes only. AWS services, pricing, and features change frequently — always verify details against the official AWS documentation before making production decisions.

More in Storage

EBS Encryption: Secure Data at Rest & in Transit

Amazon EBS encryption secures data at rest on volumes and in transit between EC2 and volumes using AWS KMS. Learn how it works and when to use it.

EBS Snapshot: Backup, Migrate & Clone Data

An Amazon EBS Snapshot is a point-in-time copy of an EBS volume, used for backups, disaster recovery, and migration. Learn how it works and when to use it.

S3 Object Lock: WORM Storage for Data Protection

Amazon S3 Object Lock offers WORM storage to prevent object deletion/overwriting. Essential for regulatory compliance and ransomware protection. Learn how it works.

S3 Requester Pays: How It Works & When to Use It

S3 Requester Pays shifts data transfer & API costs to the requester, not the bucket owner. Ideal for public datasets. Learn when to choose it.

S3 Transfer Acceleration: Fast, Easy, Secure Long-Distance Transfers

Amazon S3 Transfer Acceleration speeds up file transfers over long distances. Learn how it works and when to use this bucket-level feature for faster uploads and downloads.

View all Storageterms →