AccessPointOptions

class aws_cdk.aws_efs.AccessPointOptions(*, create_acl=None, path=None, posix_user=None)

Bases: object

Options to create an AccessPoint.

Parameters:

create_acl (Union[Acl, Dict[str, Any], None]) – Specifies the POSIX IDs and permissions to apply when creating the access point’s root directory. If the root directory specified by path does not exist, EFS creates the root directory and applies the permissions specified here. If the specified path does not exist, you must specify createAcl. Default: - None. The directory specified by path must exist.
path (Optional[str]) – Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. Default: ‘/’
posix_user (Union[PosixUser, Dict[str, Any], None]) – The full POSIX identity, including the user ID, group ID, and any secondary group IDs, on the access point that is used for all file system operations performed by NFS clients using the access point. Specify this to enforce a user identity using an access point. Default: - user identity not enforced

ExampleMetadata:

infused

Example:

import aws_cdk.aws_ec2 as ec2
import aws_cdk.aws_efs as efs


# create a new VPC
vpc = ec2.Vpc(self, "VPC")

# create a new Amazon EFS filesystem
file_system = efs.FileSystem(self, "Efs", vpc=vpc)

# create a new access point from the filesystem
access_point = file_system.add_access_point("AccessPoint",
    # set /export/lambda as the root of the access point
    path="/export/lambda",
    # as /export/lambda does not exist in a new efs filesystem, the efs will create the directory with the following createAcl
    create_acl=efs.Acl(
        owner_uid="1001",
        owner_gid="1001",
        permissions="750"
    ),
    # enforce the POSIX identity so lambda function will access with this identity
    posix_user=efs.PosixUser(
        uid="1001",
        gid="1001"
    )
)

fn = lambda_.Function(self, "MyLambda",
    # mount the access point to /mnt/msg in the lambda runtime environment
    filesystem=lambda_.FileSystem.from_efs_access_point(access_point, "/mnt/msg"),
    runtime=lambda_.Runtime.NODEJS_16_X,
    handler="index.handler",
    code=lambda_.Code.from_asset(path.join(__dirname, "lambda-handler")),
    vpc=vpc
)

Attributes

create_acl

Specifies the POSIX IDs and permissions to apply when creating the access point’s root directory.

If the root directory specified by path does not exist, EFS creates the root directory and applies the permissions specified here. If the specified path does not exist, you must specify createAcl.

Default:

None. The directory specified by path must exist.

path

Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system.

Default:: ‘/’

posix_user

The full POSIX identity, including the user ID, group ID, and any secondary group IDs, on the access point that is used for all file system operations performed by NFS clients using the access point.

Specify this to enforce a user identity using an access point.

Default:

user identity not enforced

See:

Enforcing a User Identity Using an Access Point