1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
1
Hello.
Is the IAM policy of the EC2 to be written a policy that allows writing as follows?
Also, what is EFS's access policy?
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"elasticfilesystem:ClientMount",
"elasticfilesystem:ClientWrite",
"elasticfilesystem:ClientRootAccess"
],
"Resource": "arn:aws:elasticfilesystem:region-id:[YourAccount]:file-system/fs-xxxxx"
}
]
}
Also, make sure you are mounting using IAM authentication.
https://docs.aws.amazon.com/efs/latest/ug/mounting-IAM-option.html
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 3 Jahren
Hi, to centralize all your definitions re. this EFS, you may want to place them as a resource-based policy (instead of identity-based policiy) attached to this EFS. See examples in https://docs.aws.amazon.com/efs/latest/ug/security_iam_resource-based-policy-examples.html