Menu
AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS::EFS::FileSystem

The AWS::EFS::FileSystem resource creates a new, empty file system in Amazon Elastic File System (Amazon EFS). You must create a mount target (AWS::EFS::MountTarget) to mount your Amazon EFS file system on an Amazon Elastic Compute Cloud (Amazon EC2) instance. For more information, see the CreateFileSystem API in the Amazon Elastic File System User Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

Copy
{ "Type" : "AWS::EFS::FileSystem", "Properties" : { "Encrypted" : Boolean, "FileSystemTags" : [ FileSystemTags, ... ], "KmsKeyId" : String, "PerformanceMode" : String } }

YAML

Copy
Type: "AWS::EFS::FileSystem" Properties: Encrypted: Boolean FileSystemTags: - FileSystemTags KmsKeyId: String PerformanceMode: String

Properties

FileSystemTags

Tags to associate with the file system.

Required: No

Type: Amazon Elastic File System FileSystem FileSystemTags

Update requires: No interruption

Encrypted

A boolean value that, if true, creates an encrypted file system. For more information, see CreateFileSystem in the Amazon Elastic File System User Guide.

Required: No

Type: Boolean

Update requires: Replacement

KmsKeyId

The ID of the AWS KMS customer master key (CMK) to use to protect the encrypted file system. This parameter is only required if you want to use a non-default CMK. For more information, see CreateFileSystem in the Amazon Elastic File System User Guide.

Required: Conditional. This parameter is required if you use a non-default CMK.

Type: String

Update requires: Replacement

PerformanceMode

The performance mode of the file system. For valid values, see the PerformanceMode parameter for the CreateFileSystem action in the Amazon Elastic File System User Guide.

For more information about performance modes, see Amazon EFS Performance in the Amazon Elastic File System User Guide.

Required: No

Type: String

Update requires: Replacement

Return Value

Ref

When the logical ID of this resource is provided to the Ref intrinsic function, Ref returns the resource ID, such as fs-47a2c22e.

For more information about using the Ref function, see Ref.

Example

The following example declares an encrypted file system:

JSON

Copy
{ "Resources": { "filesystem": { "Type": "AWS::EFS::FileSystem", "Properties": { "Encrypted": true, "KmsKeyId": { "Fn::GetAtt": [ "key", "Arn" ] } } }, "key": { "Type": "AWS::KMS::Key", "Properties": { "KeyPolicy": { "Version": "2012-10-17", "Id": "key-default-1", "Statement": [ { "Sid": "Allow administration of the key", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:aws:iam::", { "Ref": "AWS::AccountId" }, ":root" ] ] } }, "Action": [ "kms:*" ], "Resource": "*" } ] } } } }, "Outputs": { "KeyId": { "Value": { "Fn::GetAtt": [ "key", "Arn" ] } } } }

YAML

Copy
Resources: filesystem: Type: 'AWS::EFS::FileSystem' Properties: Encrypted: true KmsKeyId: !GetAtt - key - Arn key: Type: 'AWS::KMS::Key' Properties: KeyPolicy: Version: 2012-10-17 Id: key-default-1 Statement: - Sid: Allow administration of the key Effect: Allow Principal: AWS: !Join - '' - - 'arn:aws:iam::' - !Ref 'AWS::AccountId' - ':root' Action: - 'kms:*' Resource: '*' Outputs: KeyId: Value: !GetAtt - key - Arn

Additional Resources

For a complete sample template, see Amazon Elastic File System Sample Template.