AWS EFS File System

Amazon Elastic File System (EFS) is a serverless, elastic network file storage solution that can be shared across AWS cloud services and on-premise resources.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Deployments

Made by

Massdriver

Official

Yes

Compliance

Clouds

AWS

AWS EFS (Elastic File System)

AWS EFS (Elastic File System) is a scalable file storage system used with AWS cloud services and on-premises resources. It is designed to provide a simple, scalable, and elastic file system for Linux-based workloads for use with AWS Cloud services and on-premises resources. With EFS, users can create and configure file systems quickly, and automatically scale storage capacity and throughput as needed.

Design Decisions

Encryption at Rest: The file system is configured with encryption enabled using a KMS key.
Lifecycle Policies: If configured, the file system transitions files to Infrequent Access (IA) storage class after a specified period of inactivity.
IAM Policies: The module creates three IAM policies to support different levels of access (read, read/write, root) to the EFS file system.
Backup Policy: Based on configuration, EFS backups can be enabled or disabled.
Mount Targets: Creates mount targets in specified subnets to ensure accessibility.
Security Group: A security group is created to control traffic to and from the EFS.

Runbook

EFS Mount Issue

If you are experiencing issues with mounting the EFS file system, check the mount targets and security groups.

aws efs describe-mount-targets --file-system-id <file-system-id>

This command lists the mount targets and verifies their status.

Check security group rules to ensure the correct ports are open.

aws ec2 describe-security-groups --group-ids <security-group-id>

This command provides details about the security group rules.

Checking File System Health

To check the health status of your EFS file system.

aws efs describe-file-systems --file-system-id <file-system-id>

This command gives you the status of the file system which should be available.

EFS IAM Policy Issues

If there are access issues, verify the policies attached to the IAM roles or users.

aws iam list-attached-user-policies --user-name <user-name>

This command lists policies attached to a user.

aws iam list-attached-role-policies --role-name <role-name>

This command lists policies attached to a role.

Insufficient Throughput

If file operations are slower than expected, your EFS might not have sufficient throughput.

aws efs describe-file-systems --file-system-id <file-system-id>

Check the throughput-mode and ensure it’s configured to either bursting or provisioned as needed.

Backup Verification

To verify the backup policy for the EFS file system.

aws efs describe-backup-policy --file-system-id <file-system-id>

This command shows the backup configuration, ensuring it is either ENABLED or DISABLED.

Network Configuration Issues

For network-related issues, ensure your VPC and subnets are properly configured.

aws ec2 describe-vpcs --vpc-ids <vpc-id>

This command checks your VPC configuration.

aws ec2 describe-subnets --filters "Name=vpc-id,Values=<vpc-id>"

This command provides details about subnets within your VPC, ensuring correct configuration and CIDR blocks.

Variable	Type	Description
retention.backup	boolean	Automatically backup your file system data with AWS Backup using recommended settings. Additional pricing applies.
retention.transition_to_ia	string	Duration from the last time a file was accessed until it is transitioned to Infrequently Accessed (IA) storage class.
storage.performance_mode	string	General Purpose has lower latency, but limits your file operations per second. Max IO substantially increases IOPs, but increase latency.
storage.provisioned_throughput_in_mibps	integer	The throughput, measured in MiB/s, that you want to provision for the file system. Required if Throughput mode is set to “Provisioned”
storage.throughput_mode	string	Burst mode uses a credit system which accrues over time based on the size of the EFS file system and is ideal for most applications with bursty throughput patterns. Provisioned is best when your throughput requirements are relatively constant.