Sign In to the Console
AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS Documentation » AWS CloudFormation » User Guide » Template Reference » AWS Resource Types Reference » AWS::EFS::FileSystem

AWS::EFS::FileSystem

The AWS::EFS::FileSystem resource creates a new, empty file system in Amazon Elastic File System (Amazon EFS). You must create a mount target (AWS::EFS::MountTarget) to mount your Amazon EFS file system on an Amazon Elastic Compute Cloud (Amazon EC2) instance. For more information, see the CreateFileSystem API in the Amazon Elastic File System User Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::EFS::FileSystem",
  "Properties" : {
    "Encrypted" : Boolean,
    "FileSystemTags" : [ FileSystemTags, ... ],
    "KmsKeyId" : String,
    "PerformanceMode" : String,
    "ProvisionedThroughputInMibps" : Double,
    "ThroughputMode" : String
  }
}

YAML

Type: AWS::EFS::FileSystem
Properties: 
  Encrypted: Boolean
  FileSystemTags:
    - FileSystemTags
  KmsKeyId: String
  PerformanceMode: String
  ProvisionedThroughputInMibps: Double
  ThroughputMode: String

Properties

FileSystemTags

Tags to associate with the file system.

Required: No

Type: Amazon Elastic File System FileSystem FileSystemTags

Update requires: No interruption

Encrypted

A boolean value that, if true, creates an encrypted file system. For more information, see CreateFileSystem in the Amazon Elastic File System User Guide.

Required: No

Type: Boolean

Update requires: Replacement

KmsKeyId

The ID of the AWS KMS customer master key (CMK) to use to protect the encrypted file system. This parameter is only required if you want to use a non-default CMK. For more information, see CreateFileSystem in the Amazon Elastic File System User Guide.

Required: Conditional. This parameter is required if you use a non-default CMK.

Type: String

Update requires: Replacement

PerformanceMode

The performance mode of the file system. For valid values, see the PerformanceMode parameter for the CreateFileSystem action in the Amazon Elastic File System User Guide.

For more information about performance modes, see Amazon EFS Performance in the Amazon Elastic File System User Guide.

Required: No

Type: String

Update requires: Replacement

ProvisionedThroughputInMibps

The throughput, measured in MiB/s, that you want to provision for a file system that you're creating. The limit on throughput is 1024 MiB/s. You can get these limits increased by contacting AWS Support. For more information, see Amazon EFS Limits That You Can Increase in the Amazon Elastic File System User Guide.

Valid Range: Minimum value of 0.0.

Required: No

Type: Double

Update requires: No interruption

ThroughputMode

The throughput mode for the file system to be created. There are two throughput modes to choose from for your file system: bursting and provisioned. You can decrease your file system's throughput in Provisioned Throughput mode or change between the throughput modes as long as it’s been more than 24 hours since the last decrease or throughput mode change.

Valid Values: bursting and provisioned.

Required: No

Type: String

Update requires: No interruption

Return Value

Ref

When the logical ID of this resource is provided to the Ref intrinsic function, Ref returns the resource ID, such as fs-47a2c22e.

For more information about using the Ref function, see Ref.

Example

The following example declares an encrypted file system:

JSON

{
    "Resources": {
        "filesystem": {
            "Type": "AWS::EFS::FileSystem",
            "Properties": {
                "Encrypted": true,
                "KmsKeyId": {
                    "Fn::GetAtt": [
                        "key",
                        "Arn"
                    ]
                }
            }
        },
        "key": {
            "Type": "AWS::KMS::Key",
            "Properties": {
                "KeyPolicy": {
                    "Version": "2012-10-17",
                    "Id": "key-default-1",
                    "Statement": [
                        {
                            "Sid": "Allow administration of the key",
                            "Effect": "Allow",
                            "Principal": {
                                "AWS": {
                                    "Fn::Join": [
                                        "",
                                        [
                                            "arn:aws:iam::",
                                            {
                                                "Ref": "AWS::AccountId"
                                            },
                                            ":root"
                                        ]
                                    ]
                                }
                            },
                            "Action": [
                                "kms:*"
                            ],
                            "Resource": "*"
                        }
                    ]
                }
            }
        }
    },
    "Outputs": {
        "KeyId": {
            "Value": {
                "Fn::GetAtt": [
                    "key",
                    "Arn"
                ]
            }
        }
    }
}

YAML

Resources:
  filesystem:
    Type: AWS::EFS::FileSystem
    Properties:
      Encrypted: true
      KmsKeyId: !GetAtt 
        - key
        - Arn
  key:
    Type: AWS::KMS::Key
    Properties:
      KeyPolicy:
        Version: 2012-10-17
        Id: key-default-1
        Statement:
          - Sid: Allow administration of the key
            Effect: Allow
            Principal:
              AWS: !Join 
                - ''
                - - 'arn:aws:iam::'
                  - !Ref 'AWS::AccountId'
                  - ':root'
            Action:
              - 'kms:*'
            Resource: '*'
Outputs:
  KeyId:
    Value: !GetAtt 
      - key
      - Arn

Additional Resources

For a complete sample template, see Amazon Elastic File System Sample Template.