A Config rule that checks if Amazon Elastic File System (Amazon EFS) access points are configured to enforce a user identity. The rule is NON_COMPLIANT if 'PosixUser' is not defined or if parameters are provided and there is no match in the corresponding parameter.

This config rule supports the following parameters:

  • approvedUids
    • Required: No
    • Type: CSV
    • Description: Comma-separated list of POSIX user IDs that are approved for EFS access point user enforcement.
  • approvedGids
    • Required: No
    • Type: CSV
    • Description: Comma-separated list of POSIX group IDs that are approved for EFS access point user enforcement.
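
The compliance logic described above, sketched as an added example (not AWS's implementation of the rule and not code from this page). It assumes access point records shaped like the `PosixUser` structure returned by the EFS `DescribeAccessPoints` API, and it reads "no match in the corresponding parameter" as "the enforced Uid or Gid is absent from the approved list"; function names and sample records are constructed for illustration.

```python
from typing import Dict, List, Optional, Set


def parse_csv_ids(value: Optional[str]) -> Optional[Set[int]]:
    """Parse a CSV rule parameter; None or blank means 'parameter not provided'."""
    if value is None or not value.strip():
        return None
    return {int(item) for item in value.split(",") if item.strip()}


def evaluate_access_point(ap: dict,
                          approved_uids: Optional[str] = None,
                          approved_gids: Optional[str] = None) -> str:
    """Return COMPLIANT or NON_COMPLIANT for one access point record."""
    posix_user = ap.get("PosixUser")
    if not posix_user:
        # No enforced identity: clients keep whatever UID/GID they present.
        return "NON_COMPLIANT"
    uids = parse_csv_ids(approved_uids)
    gids = parse_csv_ids(approved_gids)
    # Each parameter is optional and is only checked when supplied.
    if uids is not None and posix_user.get("Uid") not in uids:
        return "NON_COMPLIANT"
    if gids is not None and posix_user.get("Gid") not in gids:
        return "NON_COMPLIANT"
    return "COMPLIANT"


def evaluate_all(access_points: List[dict],
                 approved_uids: Optional[str] = None,
                 approved_gids: Optional[str] = None) -> Dict[str, str]:
    """Map each AccessPointId to its evaluation result."""
    return {ap["AccessPointId"]: evaluate_access_point(ap, approved_uids, approved_gids)
            for ap in access_points}


# Constructed sample records (placeholder IDs, not real resources).
SAMPLE_ACCESS_POINTS = [
    {"AccessPointId": "fsap-EXAMPLE1", "PosixUser": {"Uid": 1001, "Gid": 1001}},
    {"AccessPointId": "fsap-EXAMPLE2", "PosixUser": {"Uid": 0, "Gid": 0}},
    {"AccessPointId": "fsap-EXAMPLE3"},  # PosixUser not defined
]

if __name__ == "__main__":
    for ap_id, result in evaluate_all(SAMPLE_ACCESS_POINTS, "1001, 1002", "1001").items():
        print(ap_id, result)
```

Under this reading, an access point that enforces Uid 0 is COMPLIANT when no parameters are supplied, so setting `approvedUids` and `approvedGids` is what turns the rule from "an identity is enforced" into "an approved identity is enforced".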

ConfigRule
AWS::Config::ConfigRule

