AWS Amazon EFS Mount Target

This page shows how to write Terraform and CloudFormation for Amazon EFS Mount Target and write them securely.

aws_efs_mount_target (Terraform)

The Mount Target in Amazon EFS can be configured in Terraform with the resource name aws_efs_mount_target. The following sections describe 1 example of how to use the resource and its parameters.

Example Usage from GitHub

efs.tf#L33
resource "aws_efs_mount_target" "mount_us_east_1a" {
  file_system_id = aws_efs_file_system.fs.id
  subnet_id      = data.aws_subnet.us_east_1a.id
  security_groups = [aws_security_group.efs_sg.id]
}

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

Explanation in Terraform Registry

Provides an Elastic File System (EFS) mount target.

Tips: Best Practices for The Other AWS Amazon EFS Resources

In addition to the aws_efs_file_system, AWS Amazon EFS has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.

risk-label

aws_efs_file_system

Enable at rest encryption of EFS

It is better to enable at rest encryption of EFS to reduce the risk of data leakage.

Review your AWS Amazon EFS settings

In addition to the above, there are other security points you should be aware of making sure that your .tf files are protected in Shisho Cloud.

AWS::EFS::MountTarget (CloudFormation)

The MountTarget in EFS can be configured in CloudFormation with the resource name AWS::EFS::MountTarget. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

mozdef-efs.yml#L60
    Type: AWS::EFS::MountTarget
    Condition: Has1Subnets
    Properties:
      FileSystemId: !Ref ElasticFileSystem
      SubnetId: !Select [ 0, !Ref SubnetList ]
      SecurityGroups: [ !Ref MountTargetSecurityGroup ]
mozdef-efs.yml#L60
    Type: AWS::EFS::MountTarget
    Condition: Has1Subnets
    Properties:
      FileSystemId: !Ref ElasticFileSystem
      SubnetId: !Select [ 0, !Ref SubnetList ]
      SecurityGroups: [ !Ref MountTargetSecurityGroup ]
efs-file-system-with-data.yml#L331
    Type: AWS::EFS::MountTarget
    Properties:
      FileSystemId: !Ref ElasticFileSystemRetain
      SecurityGroups:
      - !Ref SecurityGroup
      SubnetId: !Select [ 0, !Ref Subnet ]
efs-file-system-with-data.yml#L331
    Type: AWS::EFS::MountTarget
    Properties:
      FileSystemId: !Ref ElasticFileSystemRetain
      SecurityGroups:
      - !Ref SecurityGroup
      SubnetId: !Select [ 0, !Ref Subnet ]
efs.yml#L24
    Type: AWS::EFS::MountTarget
    Properties:
      FileSystemId: !Ref EFSJenkinsHomeVolume
      SecurityGroups:
      - !Ref SecurityGroupEFS
      SubnetId: !Ref SubnetPublicA
make_sonarqube_EFS.tmplt.json#L98
      "Type": "AWS::EFS::MountTarget"
    },
    "SonarqubeEFSMount2": {
      "Properties": {
        "FileSystemId": {
          "Ref": "SonarqubeEFS"
make_artifactory-PRO_EFS.tmplt.json#L71
      "Type" : "AWS::EFS::MountTarget",
      "Properties" : {
        "FileSystemId": { "Ref": "ArtifactoryEFS" },
        "SecurityGroups": { "Ref": "EfsSg" },
        "SubnetId": { "Fn::Select": [ "0", { "Ref": "EfsSubnet" } ] }
      }
make_artifactory-EE_EFS.tmplt.json#L66
      "Type" : "AWS::EFS::MountTarget",
      "Properties" : {
        "FileSystemId": { "Ref": "ArtifactoryEFS" },
        "SecurityGroups": { "Ref": "EfsSg" },
        "SubnetId": { "Fn::Select": [ "0", { "Ref": "EfsSubnet" } ] }
      }
encyptedS3.json#L56
            "Type": "AWS::EFS::MountTarget",
            "Properties": {
                "SubnetId": {
                    "Ref": "PrivateSubnet0"
                },
                "FileSystemId": {
index.json#L28
    "Type" : "AWS::EFS::MountTarget",
    "Properties" : {
      "FileSystemId" : { "Ref": "FileSystem" },
      "SecurityGroups" : [{ "Ref": "EFSSecurityGroup" }],
      "SubnetId" : {
        "Fn::ImportValue": {

Parameters

Explanation in CloudFormation Registry

The AWS::EFS::MountTarget resource is an Amazon EFS resource that creates a mount target for an EFS file system. You can then mount the file system on Amazon EC2 instances or other resources by using the mount target.

Frequently asked questions

What is AWS Amazon EFS Mount Target?

AWS Amazon EFS Mount Target is a resource for Amazon EFS of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS Amazon EFS Mount Target?

For Terraform, the a-sinkavets/devops-task-02 source code example is useful. See the Terraform Example section for further details.

For CloudFormation, the gustcol/Canivete, mozilla/MozDef and pavantocemca40/DevOps source code examples are useful. See the CloudFormation Example section for further details.