By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Guidance for Controlling User Access to a Shared EFS File System to Ensure Isolated File Shares with Workspaces

0

I am seeking guidance on controlling user access to a shared Amazon EFS file system to ensure each user receives an isolated file share and cannot access others' shares.

  1. I am aware that EFS Access Points can mount a path in EFS using POSIX permissions.

  2. When using Amazon WorkSpaces, users authenticate through Active Directory (AWS Managed or not). Will EFS Access Points use their identity authenticated through AD to control their access exclusively through EFS?

  3. I am looking for ways to granularly control user access to specific shares on a shared EFS. Any suggestions or best practices would be greatly appreciated.

Thank you!

asked 4 months ago300 views
1 Answer
0

Hello.

When using Amazon WorkSpaces, users authenticate through Active Directory (AWS Managed or not). Will EFS Access Points use their identity authenticated through AD to control their access exclusively through EFS?

EFS cannot be controlled by AD.

I am looking for ways to granularly control user access to specific shares on a shared EFS. Any suggestions or best practices would be greatly appreciated.

Why not try using FSx For Windows File Server?
Since FSx For Windows File Server can participate in Active Directory, I think it is possible to restrict folder access for each AD user.
https://aws.amazon.com/jp/blogs/desktop-and-application-streaming/using-amazon-fsx-for-windows-file-server-with-amazon-workspaces/

profile picture
EXPERT
answered 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions