# Amazon Elastic File System Construct Library
<!--BEGIN STABILITY BANNER-->---
---
<!--END STABILITY BANNER-->
[Amazon Elastic File System](https://docs.aws.amazon.com/efs/latest/ug/whatisefs.html) (Amazon EFS) provides a simple, scalable,
fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources.
Amazon EFS provides file storage in the AWS Cloud. With Amazon EFS, you can create a file system,
mount the file system on an Amazon EC2 instance, and then read and write data to and from your file system.
This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project.
## File Systems
Amazon EFS provides elastic, shared file storage that is POSIX-compliant. The file system you create
supports concurrent read and write access from multiple Amazon EC2 instances and is accessible from
all of the Availability Zones in the AWS Region where it is created. Learn more about [EFS file systems](https://docs.aws.amazon.com/efs/latest/ug/creating-using.html)
### Create an Amazon EFS file system
A Virtual Private Cloud (VPC) is required to create an Amazon EFS file system.
The following example creates a file system that is encrypted at rest, running in `General Purpose`
performance mode, and `Bursting` throughput mode and does not transition files to the Infrequent
Access (IA) storage class.
```python
file_system = efs.FileSystem(self, "MyEfsFileSystem",
vpc=ec2.Vpc(self, "VPC"),
lifecycle_policy=efs.LifecyclePolicy.AFTER_14_DAYS, # files are not transitioned to infrequent access (IA) storage by default
performance_mode=efs.PerformanceMode.GENERAL_PURPOSE, # default
out_of_infrequent_access_policy=efs.OutOfInfrequentAccessPolicy.AFTER_1_ACCESS
)
```
⚠️ An Amazon EFS file system's performance mode can't be changed after the file system has been created.
Updating this property will replace the file system.
Any file system that has been created outside the stack can be imported into your CDK app.
Use the `fromFileSystemAttributes()` API to import an existing file system.
Here is an example of giving a role write permissions on a file system.
```python
import aws_cdk.aws_iam as iam
imported_file_system = efs.FileSystem.from_file_system_attributes(self, "existingFS",
file_system_id="fs-12345678", # You can also use fileSystemArn instead of fileSystemId.
security_group=ec2.SecurityGroup.from_security_group_id(self, "SG", "sg-123456789",
allow_all_outbound=False
)
)
```
### Permissions
If you need to grant file system permissions to another resource, you can use the `.grant()` API.
As an example, the following code gives `elasticfilesystem:ClientWrite` permissions to an IAM role.
```python
role = iam.Role(self, "Role",
assumed_by=iam.AnyPrincipal()
)
file_system.grant(role, "elasticfilesystem:ClientWrite")
```
### Access Point
An access point is an application-specific view into an EFS file system that applies an operating
system user and group, and a file system path, to any file system request made through the access
point. The operating system user and group override any identity information provided by the NFS
client. The file system path is exposed as the access point's root directory. Applications using
the access point can only access data in its own directory and below. To learn more, see [Mounting a File System Using EFS Access Points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html).
Use the `addAccessPoint` API to create an access point from a fileSystem.
```python
file_system.add_access_point("AccessPoint")
```
By default, when you create an access point, the root(`/`) directory is exposed to the client
connecting to the access point. You can specify a custom path with the `path` property.
If `path` does not exist, it will be created with the settings defined in the `creationInfo`.
See [Creating Access Points](https://docs.aws.amazon.com/efs/latest/ug/create-access-point.html) for more details.
Any access point that has been created outside the stack can be imported into your CDK app.
Use the `fromAccessPointAttributes()` API to import an existing access point.
```python
efs.AccessPoint.from_access_point_attributes(self, "ap",
access_point_id="fsap-1293c4d9832fo0912",
file_system=efs.FileSystem.from_file_system_attributes(self, "efs",
file_system_id="fs-099d3e2f",
security_group=ec2.SecurityGroup.from_security_group_id(self, "sg", "sg-51530134")
)
)
```
⚠️ Notice: When importing an Access Point using `fromAccessPointAttributes()`, you must make sure
the mount targets are deployed and their lifecycle state is `available`. Otherwise, you may encounter
the following error when deploying:
> EFS file system <ARN of efs> referenced by access point <ARN of access point of EFS> has
> mount targets created in all availability zones the function will execute in, but not all
> are in the available life cycle state yet. Please wait for them to become available and
> try the request again.
### Connecting
To control who can access the EFS, use the `.connections` attribute. EFS has
a fixed default port, so you don't need to specify the port:
```python
file_system.connections.allow_default_port_from(instance)
```
Learn more about [managing file system network accessibility](https://docs.aws.amazon.com/efs/latest/ug/manage-fs-access.html)
### Mounting the file system using User Data
After you create a file system, you can create mount targets. Then you can mount the file system on
EC2 instances, containers, and Lambda functions in your virtual private cloud (VPC).
The following example automatically mounts a file system during instance launch.
```python
file_system.connections.allow_default_port_from(instance)
instance.user_data.add_commands("yum check-update -y", "yum upgrade -y", "yum install -y amazon-efs-utils", "yum install -y nfs-utils", "file_system_id_1=" + file_system.file_system_id, "efs_mount_point_1=/mnt/efs/fs1", "mkdir -p \"${efs_mount_point_1}\"", "test -f \"/sbin/mount.efs\" && echo \"${file_system_id_1}:/ ${efs_mount_point_1} efs defaults,_netdev\" >> /etc/fstab || " + "echo \"${file_system_id_1}.efs." + Stack.of(self).region + ".amazonaws.com:/ ${efs_mount_point_1} nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport,_netdev 0 0\" >> /etc/fstab", "mount -a -t efs,nfs4 defaults")
```
Learn more about [mounting EFS file systems](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs.html)
### Deleting
Since file systems are stateful resources, by default the file system will not be deleted when your
stack is deleted.
You can configure the file system to be destroyed on stack deletion by setting a `removalPolicy`
```python
file_system = efs.FileSystem(self, "EfsFileSystem",
vpc=ec2.Vpc(self, "VPC"),
removal_policy=RemovalPolicy.DESTROY
)
```
Raw data
{
"_id": null,
"home_page": "https://github.com/aws/aws-cdk",
"name": "aws-cdk.aws-efs",
"maintainer": "",
"docs_url": null,
"requires_python": "~=3.7",
"maintainer_email": "",
"keywords": "",
"author": "Amazon Web Services",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/e2/e6/6adf563084cd68ce5efef81bb8b54d241134e286a2f2f721ea8742e588e2/aws-cdk.aws-efs-1.203.0.tar.gz",
"platform": null,
"description": "# Amazon Elastic File System Construct Library\n\n<!--BEGIN STABILITY BANNER-->---\n\n\n\n\n\n\n---\n<!--END STABILITY BANNER-->\n\n[Amazon Elastic File System](https://docs.aws.amazon.com/efs/latest/ug/whatisefs.html) (Amazon EFS) provides a simple, scalable,\nfully managed elastic NFS file system for use with AWS Cloud services and on-premises resources.\nAmazon EFS provides file storage in the AWS Cloud. With Amazon EFS, you can create a file system,\nmount the file system on an Amazon EC2 instance, and then read and write data to and from your file system.\n\nThis module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project.\n\n## File Systems\n\nAmazon EFS provides elastic, shared file storage that is POSIX-compliant. The file system you create\nsupports concurrent read and write access from multiple Amazon EC2 instances and is accessible from\nall of the Availability Zones in the AWS Region where it is created. Learn more about [EFS file systems](https://docs.aws.amazon.com/efs/latest/ug/creating-using.html)\n\n### Create an Amazon EFS file system\n\nA Virtual Private Cloud (VPC) is required to create an Amazon EFS file system.\nThe following example creates a file system that is encrypted at rest, running in `General Purpose`\nperformance mode, and `Bursting` throughput mode and does not transition files to the Infrequent\nAccess (IA) storage class.\n\n```python\nfile_system = efs.FileSystem(self, \"MyEfsFileSystem\",\n vpc=ec2.Vpc(self, \"VPC\"),\n lifecycle_policy=efs.LifecyclePolicy.AFTER_14_DAYS, # files are not transitioned to infrequent access (IA) storage by default\n performance_mode=efs.PerformanceMode.GENERAL_PURPOSE, # default\n out_of_infrequent_access_policy=efs.OutOfInfrequentAccessPolicy.AFTER_1_ACCESS\n)\n```\n\n\u26a0\ufe0f An Amazon EFS file system's performance mode can't be changed after the file system has been created.\nUpdating this property will replace the file system.\n\nAny file system that has been created outside the stack can be imported into your CDK app.\n\nUse the `fromFileSystemAttributes()` API to import an existing file system.\nHere is an example of giving a role write permissions on a file system.\n\n```python\nimport aws_cdk.aws_iam as iam\n\n\nimported_file_system = efs.FileSystem.from_file_system_attributes(self, \"existingFS\",\n file_system_id=\"fs-12345678\", # You can also use fileSystemArn instead of fileSystemId.\n security_group=ec2.SecurityGroup.from_security_group_id(self, \"SG\", \"sg-123456789\",\n allow_all_outbound=False\n )\n)\n```\n\n### Permissions\n\nIf you need to grant file system permissions to another resource, you can use the `.grant()` API.\nAs an example, the following code gives `elasticfilesystem:ClientWrite` permissions to an IAM role.\n\n```python\nrole = iam.Role(self, \"Role\",\n assumed_by=iam.AnyPrincipal()\n)\n\nfile_system.grant(role, \"elasticfilesystem:ClientWrite\")\n```\n\n### Access Point\n\nAn access point is an application-specific view into an EFS file system that applies an operating\nsystem user and group, and a file system path, to any file system request made through the access\npoint. The operating system user and group override any identity information provided by the NFS\nclient. The file system path is exposed as the access point's root directory. Applications using\nthe access point can only access data in its own directory and below. To learn more, see [Mounting a File System Using EFS Access Points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html).\n\nUse the `addAccessPoint` API to create an access point from a fileSystem.\n\n```python\nfile_system.add_access_point(\"AccessPoint\")\n```\n\nBy default, when you create an access point, the root(`/`) directory is exposed to the client\nconnecting to the access point. You can specify a custom path with the `path` property.\n\nIf `path` does not exist, it will be created with the settings defined in the `creationInfo`.\nSee [Creating Access Points](https://docs.aws.amazon.com/efs/latest/ug/create-access-point.html) for more details.\n\nAny access point that has been created outside the stack can be imported into your CDK app.\n\nUse the `fromAccessPointAttributes()` API to import an existing access point.\n\n```python\nefs.AccessPoint.from_access_point_attributes(self, \"ap\",\n access_point_id=\"fsap-1293c4d9832fo0912\",\n file_system=efs.FileSystem.from_file_system_attributes(self, \"efs\",\n file_system_id=\"fs-099d3e2f\",\n security_group=ec2.SecurityGroup.from_security_group_id(self, \"sg\", \"sg-51530134\")\n )\n)\n```\n\n\u26a0\ufe0f Notice: When importing an Access Point using `fromAccessPointAttributes()`, you must make sure\nthe mount targets are deployed and their lifecycle state is `available`. Otherwise, you may encounter\nthe following error when deploying:\n\n> EFS file system <ARN of efs> referenced by access point <ARN of access point of EFS> has\n> mount targets created in all availability zones the function will execute in, but not all\n> are in the available life cycle state yet. Please wait for them to become available and\n> try the request again.\n\n### Connecting\n\nTo control who can access the EFS, use the `.connections` attribute. EFS has\na fixed default port, so you don't need to specify the port:\n\n```python\nfile_system.connections.allow_default_port_from(instance)\n```\n\nLearn more about [managing file system network accessibility](https://docs.aws.amazon.com/efs/latest/ug/manage-fs-access.html)\n\n### Mounting the file system using User Data\n\nAfter you create a file system, you can create mount targets. Then you can mount the file system on\nEC2 instances, containers, and Lambda functions in your virtual private cloud (VPC).\n\nThe following example automatically mounts a file system during instance launch.\n\n```python\nfile_system.connections.allow_default_port_from(instance)\n\ninstance.user_data.add_commands(\"yum check-update -y\", \"yum upgrade -y\", \"yum install -y amazon-efs-utils\", \"yum install -y nfs-utils\", \"file_system_id_1=\" + file_system.file_system_id, \"efs_mount_point_1=/mnt/efs/fs1\", \"mkdir -p \\\"${efs_mount_point_1}\\\"\", \"test -f \\\"/sbin/mount.efs\\\" && echo \\\"${file_system_id_1}:/ ${efs_mount_point_1} efs defaults,_netdev\\\" >> /etc/fstab || \" + \"echo \\\"${file_system_id_1}.efs.\" + Stack.of(self).region + \".amazonaws.com:/ ${efs_mount_point_1} nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport,_netdev 0 0\\\" >> /etc/fstab\", \"mount -a -t efs,nfs4 defaults\")\n```\n\nLearn more about [mounting EFS file systems](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs.html)\n\n### Deleting\n\nSince file systems are stateful resources, by default the file system will not be deleted when your\nstack is deleted.\n\nYou can configure the file system to be destroyed on stack deletion by setting a `removalPolicy`\n\n```python\nfile_system = efs.FileSystem(self, \"EfsFileSystem\",\n vpc=ec2.Vpc(self, \"VPC\"),\n removal_policy=RemovalPolicy.DESTROY\n)\n```\n\n\n",
"bugtrack_url": null,
"license": "Apache-2.0",
"summary": "The CDK Construct Library for AWS::EFS",
"version": "1.203.0",
"project_urls": {
"Homepage": "https://github.com/aws/aws-cdk",
"Source": "https://github.com/aws/aws-cdk.git"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "88e6bd971bff543e3c079a262b1d5855075c4999a78eb06bf09fcb3c90b39a10",
"md5": "2134e3e8dcb55efcb8c07ad5790c5798",
"sha256": "8c89a33e4fe23e289ff8c8cdbc02b95787b43791d5d7ff8182064281fcb12f12"
},
"downloads": -1,
"filename": "aws_cdk.aws_efs-1.203.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "2134e3e8dcb55efcb8c07ad5790c5798",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "~=3.7",
"size": 140621,
"upload_time": "2023-05-31T22:54:39",
"upload_time_iso_8601": "2023-05-31T22:54:39.378934Z",
"url": "https://files.pythonhosted.org/packages/88/e6/bd971bff543e3c079a262b1d5855075c4999a78eb06bf09fcb3c90b39a10/aws_cdk.aws_efs-1.203.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "e2e66adf563084cd68ce5efef81bb8b54d241134e286a2f2f721ea8742e588e2",
"md5": "f84e5e51787f9dbc4ca4c6bed89d11e1",
"sha256": "1331275ad3bb226c41800cdadfbadf26e326bf7ddd4b6bdb34d8fe91fec33965"
},
"downloads": -1,
"filename": "aws-cdk.aws-efs-1.203.0.tar.gz",
"has_sig": false,
"md5_digest": "f84e5e51787f9dbc4ca4c6bed89d11e1",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "~=3.7",
"size": 142222,
"upload_time": "2023-05-31T23:02:11",
"upload_time_iso_8601": "2023-05-31T23:02:11.672462Z",
"url": "https://files.pythonhosted.org/packages/e2/e6/6adf563084cd68ce5efef81bb8b54d241134e286a2f2f721ea8742e588e2/aws-cdk.aws-efs-1.203.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-05-31 23:02:11",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "aws",
"github_project": "aws-cdk",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "aws-cdk.aws-efs"
}
JSON
