FileSystemProps

class aws_cdk.aws_efs.FileSystemProps(*, vpc, allow_anonymous_access=None, enable_automatic_backups=None, encrypted=None, file_system_name=None, file_system_policy=None, kms_key=None, lifecycle_policy=None, one_zone=None, out_of_infrequent_access_policy=None, performance_mode=None, provisioned_throughput_per_second=None, removal_policy=None, replication_configuration=None, replication_overwrite_protection=None, security_group=None, throughput_mode=None, transition_to_archive_policy=None, vpc_subnets=None)

Bases: object

Properties of EFS FileSystem.

Parameters:

vpc (IVpc) – VPC to launch the file system in.
allow_anonymous_access (Optional[bool]) – Allow access from anonymous client that doesn’t use IAM authentication. Default: false when using grantRead, grantWrite, grantRootAccess or set @aws-cdk/aws-efs:denyAnonymousAccess feature flag, otherwise true
enable_automatic_backups (Optional[bool]) – Whether to enable automatic backups for the file system. Default: false
encrypted (Optional[bool]) – Defines if the data at rest in the file system is encrypted or not. Default: - If your application has the ‘@aws-cdk/aws-efs:defaultEncryptionAtRest’ feature flag set, the default is true, otherwise, the default is false.
file_system_name (Optional[str]) – The file system’s name. Default: - CDK generated name
file_system_policy (Optional[PolicyDocument]) – File system policy is an IAM resource policy used to control NFS access to an EFS file system. Default: none
kms_key (Optional[IKey]) – The KMS key used for encryption. This is required to encrypt the data at rest if Default: - if ‘encrypted’ is true, the default key for EFS (/aws/elasticfilesystem) is used
lifecycle_policy (Optional[LifecyclePolicy]) – A policy used by EFS lifecycle management to transition files to the Infrequent Access (IA) storage class. Default: - None. EFS will not transition files to the IA storage class.
one_zone (Optional[bool]) – Whether this is a One Zone file system. If enabled, performanceMode must be set to GENERAL_PURPOSE and vpcSubnets cannot be set. Default: false
out_of_infrequent_access_policy (Optional[OutOfInfrequentAccessPolicy]) – A policy used by EFS lifecycle management to transition files from Infrequent Access (IA) storage class to primary storage class. Default: - None. EFS will not transition files from IA storage to primary storage.
performance_mode (Optional[PerformanceMode]) – The performance mode that the file system will operate under. An Amazon EFS file system’s performance mode can’t be changed after the file system has been created. Updating this property will replace the file system. Default: PerformanceMode.GENERAL_PURPOSE
provisioned_throughput_per_second (Optional[Size]) – Provisioned throughput for the file system. This is a required property if the throughput mode is set to PROVISIONED. Must be at least 1MiB/s. Default: - none, errors out
removal_policy (Optional[RemovalPolicy]) – The removal policy to apply to the file system. Default: RemovalPolicy.RETAIN
replication_configuration (Optional[ReplicationConfiguration]) – Replication configuration for the file system. Default: - no replication
replication_overwrite_protection (Optional[ReplicationOverwriteProtection]) – Whether to enable the filesystem’s replication overwrite protection or not. Set false if you want to create a read-only filesystem for use as a replication destination. Default: ReplicationOverwriteProtection.ENABLED
security_group (Optional[ISecurityGroup]) – Security Group to assign to this file system. Default: - creates new security group which allows all outbound traffic
throughput_mode (Optional[ThroughputMode]) – Enum to mention the throughput mode of the file system. Default: ThroughputMode.BURSTING
transition_to_archive_policy (Optional[LifecyclePolicy]) – The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don’t count as file access events. Default: - None. EFS will not transition files to Archive storage class.
vpc_subnets (Union[SubnetSelection, Dict[str, Any], None]) – Which subnets to place the mount target in the VPC. Default: - the Vpc default strategy if not specified

ExampleMetadata:

infused

Example:

import aws_cdk.aws_iam as iam


role = iam.Role(self, "ClientRole",
    assumed_by=iam.AnyPrincipal()
)
file_system = efs.FileSystem(self, "MyEfsFileSystem",
    vpc=ec2.Vpc(self, "VPC"),
    allow_anonymous_access=True
)

file_system.grant_read(role)

Attributes

allow_anonymous_access

Allow access from anonymous client that doesn’t use IAM authentication.

Default:

false when using grantRead, grantWrite, grantRootAccess or set @aws-cdk/aws-efs:denyAnonymousAccess feature flag, otherwise true

enable_automatic_backups

Whether to enable automatic backups for the file system.

Default:: false

encrypted

Defines if the data at rest in the file system is encrypted or not.

Default:

If your application has the ‘@aws-cdk/aws-efs:defaultEncryptionAtRest’ feature flag set, the default is true, otherwise, the default is false.

Link:

https://docs.aws.amazon.com/cdk/latest/guide/featureflags.html

file_system_name

The file system’s name.

Default:

CDK generated name

file_system_policy

File system policy is an IAM resource policy used to control NFS access to an EFS file system.

Default:: none

kms_key

The KMS key used for encryption.

This is required to encrypt the data at rest if

Default:

if ‘encrypted’ is true, the default key for EFS (/aws/elasticfilesystem) is used

Encrypted:

is set to true.

lifecycle_policy

A policy used by EFS lifecycle management to transition files to the Infrequent Access (IA) storage class.

Default:

None. EFS will not transition files to the IA storage class.

one_zone

Whether this is a One Zone file system.

If enabled, performanceMode must be set to GENERAL_PURPOSE and vpcSubnets cannot be set.

Default:: false
Link:: https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type

out_of_infrequent_access_policy

A policy used by EFS lifecycle management to transition files from Infrequent Access (IA) storage class to primary storage class.

Default:

None. EFS will not transition files from IA storage to primary storage.

performance_mode

The performance mode that the file system will operate under.

An Amazon EFS file system’s performance mode can’t be changed after the file system has been created. Updating this property will replace the file system.

Default:: PerformanceMode.GENERAL_PURPOSE

provisioned_throughput_per_second

Provisioned throughput for the file system.

This is a required property if the throughput mode is set to PROVISIONED. Must be at least 1MiB/s.

Default:

none, errors out

removal_policy

The removal policy to apply to the file system.

Default:: RemovalPolicy.RETAIN

replication_configuration

Replication configuration for the file system.

Default:

no replication

replication_overwrite_protection

Whether to enable the filesystem’s replication overwrite protection or not.

Set false if you want to create a read-only filesystem for use as a replication destination.

Default:: ReplicationOverwriteProtection.ENABLED
See:: https://docs.aws.amazon.com/efs/latest/ug/replication-use-cases.html#replicate-existing-destination

security_group

Security Group to assign to this file system.

Default:

creates new security group which allows all outbound traffic

throughput_mode

Enum to mention the throughput mode of the file system.

Default:: ThroughputMode.BURSTING

transition_to_archive_policy

The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage.

Metadata operations such as listing the contents of a directory don’t count as file access events.

Default:

None. EFS will not transition files to Archive storage class.

vpc: VPC to launch the file system in.

vpc_subnets

Which subnets to place the mount target in the VPC.

Default:

the Vpc default strategy if not specified