AWS::EFS::FileSystem
The AWS::EFS::FileSystem resource creates a new, empty file system in
Amazon Elastic File System (Amazon EFS). You must create a mount target (AWS::EFS::MountTarget) to
mount your Amazon EFS file system on an Amazon Elastic Compute Cloud (Amazon EC2)
instance. For more information, see the
CreateFileSystem API in the
Amazon Elastic File System User Guide.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::EFS::FileSystem", "Properties" : { "Encrypted" :Boolean, "FileSystemTags" : [FileSystemTags, ... ], "KmsKeyId" :String, "PerformanceMode" :String} }
YAML
Type: "AWS::EFS::FileSystem" Properties:Encrypted:BooleanFileSystemTags: -FileSystemTagsKmsKeyId:StringPerformanceMode:String
Properties
FileSystemTags-
Tags to associate with the file system.
Required: No
Type: Amazon Elastic File System FileSystem FileSystemTags
Update requires: No interruption
Encrypted-
A boolean value that, if true, creates an encrypted file system. For more information, see CreateFileSystem in the Amazon Elastic File System User Guide.
Required: No
Type: Boolean
Update requires: Replacement
KmsKeyId-
The ID of the AWS KMS customer master key (CMK) to use to protect the encrypted file system. This parameter is only required if you want to use a non-default CMK. For more information, see CreateFileSystem in the Amazon Elastic File System User Guide.
Required: Conditional. This parameter is required if you use a non-default CMK.
Type: String
Update requires: Replacement
PerformanceMode-
The performance mode of the file system. For valid values, see the
PerformanceModeparameter for the CreateFileSystem action in the Amazon Elastic File System User Guide.For more information about performance modes, see Amazon EFS Performance in the Amazon Elastic File System User Guide.
Required: No
Type: String
Update requires: Replacement
Return Value
Ref
When the logical ID of this resource is provided to the Ref
intrinsic function, Ref returns the resource ID, such as
fs-47a2c22e.
For more information about using the Ref function, see Ref.
Example
The following example declares an encrypted file system:
JSON
{ "Resources": { "filesystem": { "Type": "AWS::EFS::FileSystem", "Properties": { "Encrypted": true, "KmsKeyId": { "Fn::GetAtt": [ "key", "Arn" ] } } }, "key": { "Type": "AWS::KMS::Key", "Properties": { "KeyPolicy": { "Version": "2012-10-17", "Id": "key-default-1", "Statement": [ { "Sid": "Allow administration of the key", "Effect": "Allow", "Principal": { "AWS": { "Fn::Join": [ "", [ "arn:aws:iam::", { "Ref": "AWS::AccountId" }, ":root" ] ] } }, "Action": [ "kms:*" ], "Resource": "*" } ] } } } }, "Outputs": { "KeyId": { "Value": { "Fn::GetAtt": [ "key", "Arn" ] } } } }
YAML
Resources: filesystem: Type: 'AWS::EFS::FileSystem' Properties: Encrypted: true KmsKeyId: !GetAtt - key - Arn key: Type: 'AWS::KMS::Key' Properties: KeyPolicy: Version: 2012-10-17 Id: key-default-1 Statement: - Sid: Allow administration of the key Effect: Allow Principal: AWS: !Join - '' - - 'arn:aws:iam::' - !Ref 'AWS::AccountId' - ':root' Action: - 'kms:*' Resource: '*' Outputs: KeyId: Value: !GetAtt - key - Arn
Additional Resources
For a complete sample template, see Amazon Elastic File System Sample Template.
