A collection of AWS security controls for Amazon EFS. Controls include secure EFS share configurations, Config rules for monitoring compliance, security groups and more. Configuration templates are available in AWS CloudFormation, AWS CLI and Terraform.
Configuration to provision a new EFS file system and attach it to a VPC with options to customize encryption, backup, access, and performance settings.
Configuration template to provision EFS access points. EFS access points make it easier to manage application access to EFS by enforcing a user identity (including the user's POSIX groups), as well as the root directory on the file system that clients can access.
This template creates an encrypted Amazon EFS file system using One Zone storage classes in the us-east-1a Availability Zone.
This template creates an Amazon EFS file system with EFS Standard storage classes, maxIO performance mode, lifecycle management and Intelligent Tiering enabled, encrypted at rest, automatic daily backups enabled, a file system policy granting read-only access to the EfsReadOnly IAM role, mount targets in three Availability Zones, and an access point providing an application-specific entry point to the file system.
Creates an AWS EFS file system and attaches a custom IAM policy that allows secure transport for mounting and writing operations.
Creates a replica of an EFS file system in the us-west-2b Availability Zone, encrypted with a specified KMS key.
A Config rule that checks whether Amazon Elastic File System (Amazon EFS) file systems are configured to encrypt the file data using AWS Key Management Service (AWS KMS). The rule is NON_COMPLIANT if the Encrypted key is set to False on DescribeFileSystems or, if specified, the KmsKeyId key on DescribeFileSystems does not match the KmsKeyId parameter.
A Config rule that checks whether Amazon Elastic File System (Amazon EFS) file systems are added in the backup plans of AWS Backup. The rule is NON_COMPLIANT if EFS file systems are not included in the backup plans.
A Config rule that checks if Amazon Elastic File System (Amazon EFS) access points are configured to enforce a root directory. The rule is NON_COMPLIANT if the value of Path is set to / (default root directory of the file system).
A Config rule that checks if Amazon Elastic File System (Amazon EFS) access points are configured to enforce a user identity. The rule is NON_COMPLIANT if 'PosixUser' is not defined or if parameters are provided and there is no match in the corresponding parameter.