AWS::EFS::AccessPoint
The AWS::EFS::AccessPoint resource creates an EFS access point.
An access point is an application-specific view into an EFS file system that applies an operating system user and
group, and a file system path, to any file system request made through the access point. The operating system
user and group override any identity information provided by the NFS client. The file system path is exposed as
the access point's root directory. Applications using the access point can only access data in its own directory and below. To learn more, see
Mounting a file system using EFS access points.
This operation requires permissions for the elasticfilesystem:CreateAccessPoint action.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::EFS::AccessPoint", "Properties" : { "AccessPointTags" :[ AccessPointTag, ... ], "ClientToken" :String, "FileSystemId" :String, "PosixUser" :PosixUser, "RootDirectory" :RootDirectory} }
YAML
Type: AWS::EFS::AccessPoint Properties: AccessPointTags:- AccessPointTagClientToken:StringFileSystemId:StringPosixUser:PosixUserRootDirectory:RootDirectory
Properties
-
An array of key-value pairs to apply to this resource.
For more information, see Tag.
Required: No
Type: Array of AccessPointTag
Update requires: No interruption
ClientToken-
The opaque string specified in the request to ensure idempotent creation.
Required: No
Type: String
Pattern:
.+Minimum:
1Maximum:
64Update requires: Replacement
FileSystemId-
The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example
fs-0123456789abcedf2.Required: Yes
Type: String
Pattern:
^(arn:aws[-a-z]*:elasticfilesystem:[0-9a-z-:]+:file-system/fs-[0-9a-f]{8,40}|fs-[0-9a-f]{8,40})$Maximum:
128Update requires: Replacement
PosixUser-
The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.
Required: No
Type: PosixUser
Update requires: Replacement
RootDirectory-
The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.
Required: No
Type: RootDirectory
Update requires: Replacement
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the AccessPoint ID. For example:
{"Ref":"access_point-logical_id"} returns
fsap-0123456789abcdef0
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
AccessPointId-
The ID of the EFS access point.
Arn-
The Amazon Resource Name (ARN) of the access point.
Examples
Declare an Access Point for an EFS File System
The following example declares an access point that is associated with an EFS file system. For information about mounting file systems on EC2 instances, see Mounting File Systems in the EFS User Guide.
JSON
"AccessPointResource": { "Type": "AWS::EFS::AccessPoint", "Properties": { "FileSystemId": { "Ref": "FileSystemResource" }, "PosixUser": { "Uid": "13234", "Gid": "1322", "SecondaryGids": [ "1344", "1452" ] }, "RootDirectory": { "CreationInfo": { "OwnerGid": "708798", "OwnerUid": "7987987", "Permissions": "0755" }, "Path": "/testcfn/abc" } } } }
YAML
AccessPointResource: Type: 'AWS::EFS::AccessPoint' Properties: FileSystemId: !Ref FileSystemResource PosixUser: Uid: "13234" Gid: "1322" SecondaryGids: - "1344" - "1452" RootDirectory: CreationInfo: OwnerGid: "708798" OwnerUid: "7987987" Permissions: "0755" Path: "/testcfn/abc"
See also
-
Working with Amazon EFS access points in the Amazon EFS User Guide.
