The AWS::EFS::FileSystem
resource creates a new, empty file system in EFSlong (EFS). You must create a mount target (AWS::EFS::MountTarget) to mount your EFS file system on an EC2 or other AWS cloud compute resource.
To create a simple EFS File System
resource "awscc_efs_file_system" "this" {
file_system_tags = [
{
key = "Name"
value = "this"
},
{
key = "Modified By"
value = "AWSCC"
}
]
}
To create a EFS File System with lifecycle policies
resource "awscc_efs_file_system" "this" {
lifecycle_policies = [{
transition_to_ia = "AFTER_30_DAYS"
}]
file_system_tags = [
{
key = "Name"
value = "this"
},
{
key = "Modified By"
value = "AWSCC"
}
]
}
To create a EFS File System with KMS based encryption
resource "awscc_efs_file_system" "this" {
encrypted = true
kms_key_id = "arn:aws:kms:us-west-2:111122223333:key/b1d4919e-3296-4104-a3a8-c9f3b1138fa8"
file_system_tags = [
{
key = "Name"
value = "this"
},
{
key = "Modified By"
value = "AWSCC"
}
]
}
availability_zone_name
(String) For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format us-east-1a
to specify the Availability Zone. For more information about One Zone file systems, see EFS file system types in the Amazon EFS User Guide.
One Zone file systems are not available in all Availability Zones in AWS-Regions where Amazon EFS is available.backup_policy
(Attributes) Use the BackupPolicy
to turn automatic backups on or off for the file system. (see below for nested schema)bypass_policy_lockout_safety_check
(Boolean) (Optional) A boolean that specifies whether or not to bypass the FileSystemPolicy
lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future PutFileSystemPolicy
requests on this file system. Set BypassPolicyLockoutSafetyCheck
to True
only when you intend to prevent the IAM principal that is making the request from making subsequent PutFileSystemPolicy
requests on this file system. The default value is False
.encrypted
(Boolean) A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing kms-key-long. If you don't specify a kms-key, then the default kms-key for EFS, /aws/elasticfilesystem
, is used to protect the encrypted file system.file_system_policy
(String) The FileSystemPolicy
for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see Using to control NFS access to Amazon EFS in the Amazon EFS User Guide.file_system_protection
(Attributes) Describes the protection on the file system. (see below for nested schema)file_system_tags
(Attributes List) Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a "Key":"Name","Value":"{value}"
key-value pair. Each key must be unique. For more information, see Tagging resources in the General Reference Guide. (see below for nested schema)kms_key_id
(String) The ID of the kms-key-long to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault kms-key. If this parameter is not specified, the default kms-key for EFS is used. This ID can be in one of the following formats:
1234abcd-12ab-34cd-56ef-1234567890ab
.arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
.alias/projectKey1
.arn:aws:kms:us-west-2:444455556666:alias/projectKey1
.If KmsKeyId
is specified, the Encrypted
parameter must be set to true.
lifecycle_policies
(Attributes List) An array of LifecyclePolicy
objects that define the file system's LifecycleConfiguration
object. A LifecycleConfiguration
object informs Lifecycle management of the following:
EFS requires that each LifecyclePolicy
object have only a single transition. This means that in a request body, LifecyclePolicies
needs to be structured as an array of LifecyclePolicy
objects, one object for each transition, TransitionToIA
, TransitionToArchive
TransitionToPrimaryStorageClass
. See the example requests in the following section for more information. (see below for nested schema)
performance_mode
(String) The Performance mode of the file system. We recommend generalPurpose
performance mode for all file systems. File systems using the maxIO
performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The maxIO
mode is not supported on One Zone file systems.
Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems.
Default is generalPurpose
.provisioned_throughput_in_mibps
(Number) The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if ThroughputMode
is set to provisioned
. Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact SUP. For more information, see Amazon EFS quotas that you can increase in the Amazon EFS User Guide.replication_configuration
(Attributes) Describes the replication configuration for a specific file system. (see below for nested schema)throughput_mode
(String) Specifies the throughput mode for the file system. The mode can be bursting
, provisioned
, or elastic
. If you set ThroughputMode
to provisioned
, you must also set a value for ProvisionedThroughputInMibps
. After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see Specifying throughput with provisioned mode in the Amazon EFS User Guide.
Default is bursting
.arn
(String)file_system_id
(String)id
(String) Uniquely identifies the resource.backup_policy
Required:
status
(String) Set the backup policy status for the file system.
file_system_protection
Optional:
replication_overwrite_protection
(String) The status of the file system's replication overwrite protection.
ENABLED
? The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is ENABLED
by default. DISABLED
? The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.REPLICATING
? The file system is being used as the destination file system in a replication configuration. The file system is read-only and is only modified only by EFS replication.If the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable.
file_system_tags
Required:
key
(String) The tag key (String). The key can't start with aws:
.value
(String) The value of the tag key.lifecycle_policies
Optional:
transition_to_archive
(String) The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.transition_to_ia
(String) The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events.transition_to_primary_storage_class
(String) Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.replication_configuration
Optional:
destinations
(Attributes List) An array of destination objects. Only one destination object is supported. (see below for nested schema)replication_configuration.destinations
Optional:
availability_zone_name
(String) The AWS For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located.
Use the format us-east-1a
to specify the Availability Zone. For more information about One Zone file systems, see EFS file system types in the Amazon EFS User Guide.
One Zone file system type is not available in all Availability Zones in AWS-Regions where Amazon EFS is available.file_system_id
(String) The ID of the destination Amazon EFS file system.kms_key_id
(String) The ID of an kms-key-long used to protect the encrypted file system.region
(String) The AWS-Region in which the destination file system is located.
For One Zone file systems, the replication configuration must specify the AWS-Region in which the destination file system is located.Import is supported using the following syntax:
$ terraform import awscc_efs_file_system.example <resource ID>