AWS::EFS::AccessPoint - AWS CloudFormation

AWS::EFS::AccessPoint

The AWS::EFS::AccessPoint resource creates an EFS access point. An access point is an application-specific view into an EFS file system that applies an operating system user and group, and a file system path, to any file system request made through the access point. The operating system user and group override any identity information provided by the NFS client. The file system path is exposed as the access point's root directory. Applications using the access point can only access data in its own directory and below. To learn more, see Mounting a file system using EFS access points.

This operation requires permissions for the elasticfilesystem:CreateAccessPoint action.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::EFS::AccessPoint", "Properties" : { "AccessPointTags" : [ AccessPointTag, ... ], "ClientToken" : String, "FileSystemId" : String, "PosixUser" : PosixUser, "RootDirectory" : RootDirectory } }

YAML

Type: AWS::EFS::AccessPoint Properties: AccessPointTags: - AccessPointTag ClientToken: String FileSystemId: String PosixUser: PosixUser RootDirectory: RootDirectory

Properties

AccessPointTags

An array of key-value pairs to apply to this resource.

For more information, see Tag.

Required: No

Type: Array of AccessPointTag

Update requires: No interruption

ClientToken

The opaque string specified in the request to ensure idempotent creation.

Required: No

Type: String

Pattern: .+

Minimum: 1

Maximum: 64

Update requires: Replacement

FileSystemId

The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example fs-0123456789abcedf2.

Required: Yes

Type: String

Pattern: ^(arn:aws[-a-z]*:elasticfilesystem:[0-9a-z-:]+:file-system/fs-[0-9a-f]{8,40}|fs-[0-9a-f]{8,40})$

Maximum: 128

Update requires: Replacement

PosixUser

The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.

Required: No

Type: PosixUser

Update requires: Replacement

RootDirectory

The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.

Required: No

Type: RootDirectory

Update requires: Replacement

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the AccessPoint ID. For example:

{"Ref":"access_point-logical_id"} returns

fsap-0123456789abcdef0

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

AccessPointId

The ID of the EFS access point.

Arn

The Amazon Resource Name (ARN) of the access point.

Examples

Declare an Access Point for an EFS File System

The following example declares an access point that is associated with an EFS file system. For information about mounting file systems on EC2 instances, see Mounting File Systems in the EFS User Guide.

JSON

"AccessPointResource": { "Type": "AWS::EFS::AccessPoint", "Properties": { "FileSystemId": { "Ref": "FileSystemResource" }, "PosixUser": { "Uid": "13234", "Gid": "1322", "SecondaryGids": [ "1344", "1452" ] }, "RootDirectory": { "CreationInfo": { "OwnerGid": "708798", "OwnerUid": "7987987", "Permissions": "0755" }, "Path": "/testcfn/abc" } } } }

YAML

AccessPointResource: Type: 'AWS::EFS::AccessPoint' Properties: FileSystemId: !Ref FileSystemResource PosixUser: Uid: "13234" Gid: "1322" SecondaryGids: - "1344" - "1452" RootDirectory: CreationInfo: OwnerGid: "708798" OwnerUid: "7987987" Permissions: "0755" Path: "/testcfn/abc"

See also