

# Working with shared storage in AWS ParallelCluster
<a name="shared-storage-considerations-v3"></a>

In the following sections, you will learn about working with AWS ParallelCluster and shared storage, including shared storage considerations and how to convert managed storage to external storage.

**Topics**
+ [AWS ParallelCluster shared storage considerations](shared-storage-working-considerations-v3.md)
+ [Convert AWS ParallelCluster managed storage to external storage](shared-storage-conversion-v3.md)

# AWS ParallelCluster shared storage considerations
<a name="shared-storage-working-considerations-v3"></a>

Consider the following when working with shared storage in AWS ParallelCluster.
+ Back up your file system data with [AWS Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html) or another method to manage backups for all of your storage systems.
+ To add shared storage, you add a shared storage section to your configuration file and create or update the cluster.
+ To remove shared storage, you remove the shared storage section from your configuration file and update the cluster.
+ To replace existing AWS ParallelCluster managed shared storage with new managed storage, change the value for [`SharedStorage`](SharedStorage-v3.md) / [`Name`](SharedStorage-v3.md#yaml-SharedStorage-Name) and update the cluster.
**Warning**  
By default, the existing AWS ParallelCluster managed storage and data is deleted when you perform the cluster update with a new `Name` parameter. If you need to change `Name` and retain the existing managed shared storage data, make sure you either set the `DeletionPolicy` to `Retain` or back up the data before you update the cluster.
+ If you don't back up AWS ParallelCluster managed storage data and `DeletionPolicy` is `Delete`, your data is deleted when either your cluster is deleted or when your managed storage is removed from the cluster configuration and the cluster is updated.
+ If you don't back up AWS ParallelCluster managed storage data and `DeletionPolicy` is `Retain`, your file system is detached before the cluster is deleted and can be re-attached to another cluster as an external file system. Your data is preserved.
+ If AWS ParallelCluster managed storage is removed from the cluster configuration and `DeletionPolicy` is `Retain`, it can be re-attached to the cluster as an external file system with your cluster data preserved.
+ Starting with AWS ParallelCluster version 3.4.0, you can enhance security for Amazon EFS file system mounts by configuring [`SharedStorage`](SharedStorage-v3.md) / [`EfsSettings`](SharedStorage-v3.md#SharedStorage-v3-EfsSettings) / [`EncryptionInTransit`](SharedStorage-v3.md#yaml-SharedStorage-EfsSettings-EncryptionInTransit) and [`IamAuthorization`](SharedStorage-v3.md#yaml-SharedStorage-EfsSettings-IamAuthorization) settings.
+ When mounting an external filesystem to the /home directory, AWS ParallelCluster copies the contents of the head node's /home directory to the external filesystem. It copies existing data in the /home directory without overwriting existing files or directories on the external storage. This includes the cluster's SSH key for the default user if it does not already exist on the external filesystem. Consequently, all other clusters that mount the same external filesystem to their respective /home directories also have the same SSH key for their default user.
+ In a multi-cluster environment that mounts the same external filesystem to the /home directories of clusters, SSH keys that grant access to the compute nodes, created on the head node by AWS ParallelCluster, are generated only once when the first cluster mounts the external filesystem to /home. All other clusters use the same SSH key. As a result, anyone possessing the SSH key for the default user of these shared clusters can access any cluster. All compute nodes allow connections using the initially generated key.
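
The `DeletionPolicy` considerations above can be checked before an update. The following is an added example, not AWS code: it compares the configuration the cluster currently runs with the one you are about to apply and lists managed storage that the update would delete. The function names and the sample configuration are constructed for illustration, and it assumes the configuration layout used in this page's snippets.

```sh
#!/bin/sh
# Added example, not AWS code. Assumes SharedStorage is a top-level key, each
# entry starts with "- " and values are unquoted, as in this page's snippets.

# Print "Name DeletionPolicy" for every managed entry (no FileSystemId or
# VolumeId). A missing DeletionPolicy counts as Delete (assumption that follows
# the delete-by-default warning above).
managed_storage() {
  awk '
    function emit() {
      if (name != "" && !ext) print name, (pol == "" ? "Delete" : pol)
      name = ""; pol = ""; ext = 0
    }
    /^SharedStorage:/ { on = 1; next }
    /^[A-Za-z]/       { emit(); on = 0 }   # next top-level key ends the section
    !on               { next }
    $1 == "-"         { emit() }           # a new list entry begins
    { k = ($1 == "-") ? 2 : 1; key = $k; val = $(k + 1) }
    key == "Name:"           { name = val }
    key == "DeletionPolicy:" { pol = val }
    key == "FileSystemId:" || key == "VolumeId:" { ext = 1 }
    END { emit() }
  ' "$1"
}

# Print the managed storage names that updating from config $1 (what the
# cluster runs now) to config $2 would delete: missing or renamed in $2 and
# not set to Retain in $1.
at_risk() {
  kept=$(managed_storage "$2" | awk '{ print $1 }')
  managed_storage "$1" | while read -r name policy; do
    printf '%s\n' "$kept" | grep -qxF -- "$name" && continue
    [ "$policy" = "Retain" ] || printf '%s\n' "$name"
  done
}

# Constructed sample config with one managed FSx entry; $1 is its DeletionPolicy.
sample_config() {
  printf 'Region: us-east-1\nSharedStorage:\n  - MountDir: /fsx\n    Name: fsx\n'
  printf '    StorageType: FsxLustre\n    FsxLustreSettings:\n'
  printf '      StorageCapacity: 1200\n      DeletionPolicy: %s\n' "$1"
  printf 'Scheduling:\n  SlurmQueues:\n    - Name: queue1\n'
}

tmp=$(mktemp -d)
sample_config Delete > "$tmp/deployed.yaml"
printf 'Region: us-east-1\n' > "$tmp/next.yaml"   # SharedStorage section removed
echo "storage the update would delete: $(at_risk "$tmp/deployed.yaml" "$tmp/next.yaml")"
rm -rf "$tmp"
```

An empty result from `at_risk` means every managed file system that the new configuration drops or renames is set to `Retain`.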

# Convert AWS ParallelCluster managed storage to external storage
<a name="shared-storage-conversion-v3"></a>

Learn how to convert AWS ParallelCluster managed storage to external storage.

The procedures are based on the following example configuration file snippet.

```
...
  - MountDir: /fsx
    Name: fsx
    StorageType: FsxLustre
    FsxLustreSettings:
      StorageCapacity: 1200
      DeletionPolicy: Delete
...
```

**Convert AWS ParallelCluster managed storage to external storage**

1. Set the `DeletionPolicy` to `Retain` in the cluster configuration file.

   ```
   ...
      - MountDir: /fsx
        Name: fsx
        StorageType: FsxLustre
        FsxLustreSettings:
          StorageCapacity: 1200
          DeletionPolicy: Retain
   ...
   ```

1. To apply the `DeletionPolicy` change, run the following command.

   ```
   pcluster update-cluster -n cluster-name -c cluster-config.yaml
   ```

1. Remove the `SharedStorage` section from the cluster configuration file.

   ```
   ...
   ...
   ```

1. To change the managed `SharedStorage` to external `SharedStorage` and detach it from the cluster, run the following command.

   ```
   pcluster update-cluster -n cluster-name -c cluster-config.yaml
   ```

1. Your shared storage is now external and detached from the cluster.

1. To attach your external file system to the original cluster or another cluster, follow these steps.

   1. Get the FSx for Lustre file system ID.

      1. To use the AWS CLI, run the following command. Find the file system with a name that includes the name of your original cluster, and note the file system ID.

         ```
         aws fsx describe-file-systems
         ```

      1. To use the AWS Management Console, log in and navigate to [https://console.aws.amazon.com/fsx/](https://console.aws.amazon.com/fsx/). In the list of file systems, find the file system with a name that includes the name of your original cluster and note the file system ID.

   1. Update the file system security group rules to provide access to and from the file system and cluster subnets. You can find the file system security group name and ID in the Amazon FSx console.

      Add rules to the file system security group that allow inbound and outbound TCP traffic from and to the head node and the compute node IP CIDR ranges or prefixes. Specify TCP ports 988, 1021, 1022, and 1023 for the inbound and outbound TCP traffic.

      For more information, see [`SharedStorage`](SharedStorage-v3.md) / [`FsxLustreSettings`](SharedStorage-v3.md#SharedStorage-v3-FsxLustreSettings) / [`FileSystemId`](SharedStorage-v3.md#yaml-SharedStorage-FsxLustreSettings-FileSystemId) and [Creating, configuring, and deleting security groups for Amazon EC2](https://docs.aws.amazon.com/cli/latest/userguide/cli-services-ec2-sg.html) in the *AWS Command Line Interface User Guide for Version 2*.

   1. Add the `SharedStorage` section to the cluster configuration.

      ```
      ...
         - MountDir: /fsx
           Name: fsx-external
           StorageType: FsxLustre
           FsxLustreSettings:
             FileSystemId: fs-02e5b4b4abd62d51c
      ...
      ```

   1. To add the external shared storage to the cluster, run the following command.

      ```
      pcluster update-cluster -n cluster-name -c cluster-config.yaml
      ```
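
For the file system lookup and security group steps above, the following added example (not AWS code) prints the AWS CLI calls for review instead of running them. It limits the rules to the four Lustre ports and to the cluster CIDR ranges you pass in, and rejects an any-address CIDR. The security group ID, CIDR ranges and cluster name are constructed placeholders, and it assumes the file system name is stored in its `Name` tag.

```sh
#!/bin/sh
# Added example, not AWS code. It prints AWS CLI calls for review instead of
# running them. The group ID, CIDRs and cluster name used below are constructed.

LUSTRE_PORTS="988:988 1021:1023"   # the TCP ports listed in the step above

# Print the lookup for file systems whose Name tag contains cluster name $1
# (assumption: the displayed file system name is its Name tag).
fsx_lookup_command() {
  printf "aws fsx describe-file-systems --output text --query \"FileSystems[?Tags[?Key=='Name' && contains(Value, '%s')]].[FileSystemId,Lifecycle]\"\n" "$1"
}

# Print one authorize call per direction, port range and CIDR for security
# group $1. Remaining arguments are the head node and compute node CIDRs.
lustre_sg_commands() {
  sg=$1; shift
  for cidr in "$@"; do
    case $cidr in
      0.0.0.0/0|::/0) echo "refusing any-address CIDR $cidr" >&2; return 1 ;;
    esac
    for range in $LUSTRE_PORTS; do
      perm="IpProtocol=tcp,FromPort=${range%:*},ToPort=${range#*:},IpRanges=[{CidrIp=$cidr}]"
      for dir in ingress egress; do
        echo "aws ec2 authorize-security-group-$dir --group-id $sg --ip-permissions '$perm'"
      done
    done
  done
}

fsx_lookup_command cluster-name
lustre_sg_commands sg-0123456789abcdef0 10.0.0.0/24 10.0.1.0/24
```

After reviewing the printed commands, run them with credentials that are allowed to modify the file system security group.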