Monitoring mount attempt successes and failures
You can use Amazon CloudWatch Logs to monitor and report the success or failure of mount attempts for your EFS file systems remotely without having to log into the clients. Use the following procedure to configure your EC2 instance to use CloudWatch Logs to monitor the success or failure of its file system mount attempts.
To enable mount attempt success or failure notification in CloudWatch logs
Install
amazon-efs-utils
on the EC2 instance mounting the file system. For more information, see Automatically installing or updating Amazon EFS client using AWS Systems Manager or Manually installing the Amazon EFS client.Install
botocore
on the EC2 instance that will mount the file system. For more information, see Installing and upgrading botocore.Enable the CloudWatch Logs feature in
amazon-efs-utils
. When you use AWS Systems Manager to install and configureamazon-efs-utils
, CloudWatch logging is automatically done for you. When you install theamazon-efs-utils
package manually, you have to manually update the/etc/amazon/efs/efs-utils.conf
configuration file by uncommenting the# enabled = true
line in thecloudwatch-log
section. Use one of the following commands to enable CloudWatch Logs manually.For Linux instances:
sudo sed -i -e '/\[cloudwatch-log\]/{N;s/# enabled = true/enabled = true/}' /etc/amazon/efs/efs-utils.conf
For MacOS instances:
EFS_UTILS_VERSION=
efs-utils-version
sudo sed -i -e '/\[cloudwatch-log\]/{N;s/# enabled = true/enabled = true/;}' /usr/local/Cellar/amazon-efs-utils/${EFS_UTILS_VERSION}/libexec/etc/amazon/efs/efs-utils.confFor Mac2 instances:
EFS_UTILS_VERSION=
efs-utils-version
sudo sed -i -e '/\[cloudwatch-log\]/{N;s/# enabled = true/enabled = true/;}' /opt/homebrew/Cellar/amazon-efs-utils/${EFS_UTILS_VERSION}/libexec/etc/amazon/efs/efs-utils.conf-
Optionally, you can configure CloudWatch Logs group names and set the log retention days in the
efs-utils.conf
file. If you want to have separate log groups in CloudWatch for each mounted file system, add/{fs_id}
to the end of thelog_group_name
field inefs-utils.conf
file, as follows:[cloudwatch-log] log_group_name = /aws/efs/utils/{fs_id}
Attach the
AmazonElasticFileSystemsUtils
AWS managed policy to the IAM role that you have attached to the EC2 instance, or to the AWS credentials configured on your instance. You can use Systems Manager to do this, for more information, see Step 1: Configure an IAM instance profile with the required permissions.
The following are examples of mount attempt status log entries:
Successfully mounted fs-12345678.efs.us-east-1.amazonaws.com at /home/ec2-user/efs Mount failed, Failed to resolve "fs-01234567.efs.us-east-1.amazonaws.com"
To view mount status in CloudWatch Logs
Open the CloudWatch console at https://console.aws.amazon.com/cloudwatch/
. Choose Log groups in the left-hand navigation bar.
Choose the /aws/efs/utils log group. You will see a log stream for each Amazon EC2 instance and EFS file system combination.
Choose a log stream to view specific log events including mount attempt success or failure status.