Menu
Amazon Elastic File System
User Guide

ModifyMountTargetSecurityGroups

Modifies the set of security groups in effect for a mount target.

When you create a mount target, Amazon EFS also creates a new network interface. For more information, see CreateMountTarget. This operation replaces the security groups in effect for the network interface associated with a mount target, with the SecurityGroups provided in the request. This operation requires that the network interface of the mount target has been created and the lifecycle state of the mount target is not deleted.

The operation requires permissions for the following actions:

  • elasticfilesystem:ModifyMountTargetSecurityGroups action on the mount target's file system.

  • ec2:ModifyNetworkInterfaceAttribute action on the mount target's network interface.

Request Syntax

Copy
PUT /2015-02-01/mount-targets/MountTargetId/security-groups HTTP/1.1 Content-type: application/json { "SecurityGroups": [ "string" ] }

URI Request Parameters

The request requires the following URI parameters.

MountTargetId

ID of the mount target whose security groups you want to modify.

Request Body

The request accepts the following data in JSON format.

SecurityGroups

Array of up to five VPC security group IDs.

Type: Array of strings

Array Members: Maximum number of 5 items.

Required: No

Response Syntax

Copy
HTTP/1.1 204

Response Elements

If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

Errors

BadRequest

Returned if the request is malformed or contains an error such as an invalid parameter value or a missing required parameter.

HTTP Status Code: 400

IncorrectMountTargetState

Returned if the mount target is not in the correct state for the operation.

HTTP Status Code: 409

InternalServerError

Returned if an error occurred on the server side.

HTTP Status Code: 500

MountTargetNotFound

Returned if there is no mount target with the specified ID found in the caller's account.

HTTP Status Code: 404

SecurityGroupLimitExceeded

Returned if the size of SecurityGroups specified in the request is greater than five.

HTTP Status Code: 400

SecurityGroupNotFound

Returned if one of the specified security groups does not exist in the subnet's VPC.

HTTP Status Code: 400

Example

Replace a mount target's security groups

The following example replaces security groups in effect for the network interface associated with a mount target.

Sample Request

Copy
PUT /2015-02-01/mount-targets/fsmt-9a13661e/security-groups HTTP/1.1 Host: elasticfilesystem.us-west-2.amazonaws.com x-amz-date: 20140620T223446Z Authorization: <...> Content-Type: application/json Content-Length: 57 { "SecurityGroups" : [ "sg-188d9f74" ] }

Sample Response

Copy
HTTP/1.1 204 No Content x-amzn-RequestId: 088fb0b4-0c1d-4af7-9de1-933207fbdb46

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: