aws-cdk-lib.aws_efs.Acl

interface Acl

LanguageType name
.NETAmazon.CDK.AWS.EFS.Acl
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsefs#Acl
Javasoftware.amazon.awscdk.services.efs.Acl
Pythonaws_cdk.aws_efs.Acl
TypeScript (source)aws-cdk-lib » aws_efs » Acl

Permissions as POSIX ACL.

Example

import * as ec2 from 'aws-cdk-lib/aws-ec2';
import * as efs from 'aws-cdk-lib/aws-efs';

// create a new VPC
const vpc = new ec2.Vpc(this, 'VPC');

// create a new Amazon EFS filesystem
const fileSystem = new efs.FileSystem(this, 'Efs', { vpc });

// create a new access point from the filesystem
const accessPoint = fileSystem.addAccessPoint('AccessPoint', {
  // set /export/lambda as the root of the access point
  path: '/export/lambda',
  // as /export/lambda does not exist in a new efs filesystem, the efs will create the directory with the following createAcl
  createAcl: {
    ownerUid: '1001',
    ownerGid: '1001',
    permissions: '750',
  },
  // enforce the POSIX identity so lambda function will access with this identity
  posixUser: {
    uid: '1001',
    gid: '1001',
  },
});

const fn = new lambda.Function(this, 'MyLambda', {
  // mount the access point to /mnt/msg in the lambda runtime environment
  filesystem: lambda.FileSystem.fromEfsAccessPoint(accessPoint, '/mnt/msg'),
  runtime: lambda.Runtime.NODEJS_18_X,
  handler: 'index.handler',
  code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')),
  vpc,
});

Properties

NameTypeDescription
ownerGidstringSpecifies the POSIX group ID to apply to the RootDirectory.
ownerUidstringSpecifies the POSIX user ID to apply to the RootDirectory.
permissionsstringSpecifies the POSIX permissions to apply to the RootDirectory, in the format of an octal number representing the file's mode bits.

ownerGid

Type: string

Specifies the POSIX group ID to apply to the RootDirectory.

Accepts values from 0 to 2^32 (4294967295).


ownerUid

Type: string

Specifies the POSIX user ID to apply to the RootDirectory.

Accepts values from 0 to 2^32 (4294967295).


permissions

Type: string

Specifies the POSIX permissions to apply to the RootDirectory, in the format of an octal number representing the file's mode bits.