efs-access-point-enforce-user-identity

Checks if Amazon Elastic File System (Amazon EFS) access points are configured to enforce a user identity. The rule is NON_COMPLIANT if 'PosixUser' is not defined or if parameters are provided and there is no match in the corresponding parameter.

Identifier: EFS_ACCESS_POINT_ENFORCE_USER_IDENTITY

Resource Types: AWS::EFS::AccessPoint

Trigger type: Configuration changes

AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Israel (Tel Aviv), Europe (Spain), China (Ningxia), Europe (Zurich) Region

Parameters:

approvedUids (Optional)
Type: CSV: Comma-separated list of POSIX user ID that are approved for EFS access point user enforcement.
approvedGids (Optional)
Type: CSV: Comma-separated list of POSIX group IDs that are approved for EFS access point user enforcement.

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

efs-access-point-enforce-root-directory

efs-encrypted-check