README.md

Code Quality

Inputs

Name	Description	Type	Default	Required
access_points	List of access points to create.	map(object({ posix_user = optional(object({ gid = number uid = number secondary_gids = optional(list(number)) })) root_directory = optional(object({ path = string creation_info = optional(object({ owner_gid = number owner_uid = number permissions = string })) })) }))	{}	no
aws_iam_principals	AWS IAM principals which will be allowed to access the file system via the EFS policy.	list(string)	[ "*" ]	no
bypass_policy_lockout_safety_check	A flag to indicate whether to bypass the aws_efs_file_system_policy lockout safety check.	bool	false	no
enable_customer_managed_kms	If enabled, will create a customer managed KMS key for at-rest encryption.	bool	false	no
enable_enhanced_backups	Enable enhanced backups.	bool	false	no
encrypted	If true, the disk will be encrypted.	bool	true	no
enforce_read_only_default	Enforce read-only access to the file system. Identity-based policies can override these default permissions.	bool	false	no
enforce_transit_encryption	Enforce in-transit encryption for all clients.	bool	true	no
kms_key_id	The ARN of the AWS KMS to encrypt the file system. Defaults to the AWS managed KMS key.	string	null	no
name	The name of the file system.	string	n/a	yes
performance_mode	The file system performance mode. Can be either generalPurpose or maxIO.	string	"generalPurpose"	no
prevent_anonymous_access	Prevent anonymous access to the file system.	bool	false	no
prevent_root_access_default	Prevent root access to the file system. Identity-based policies can override these default permissions.	bool	false	no
private_subnets	A list of private subnets inside the VPC.	list(string)	n/a	yes
provisioned_throughput_in_mibps	The throughput, measured in MiB/s, that you want to provision for the file system.	number	0	no
security_groups	A list of security group IDs to associate with the file system.	list(string)	n/a	yes
tags	A mapping of tags to assign to all resources.	map(string)	{}	no
throughput_mode	Throughput mode for the file system. Valid values: bursting, provisioned, or elastic.	string	"elastic"	no
transition_to_archive	Indicates how long it takes to transition files to the archive storage class. Accepted values AFTER_7_DAYS, AFTER_14_DAYS, AFTER_30_DAYS, AFTER_60_DAYS, AFTER_90_DAYS.	string	"AFTER_90_DAYS"	no
transition_to_ia	Indicates how long it takes to transition files to the IA storage class. Accepted values AFTER_7_DAYS, AFTER_14_DAYS, AFTER_30_DAYS, AFTER_60_DAYS, AFTER_90_DAYS.	string	"AFTER_30_DAYS"	no
transition_to_primary_storage_class	Describes the policy used to transition a file from infequent access storage to primary storage. Only AFTER_1_ACCESS is accepted	string	"AFTER_1_ACCESS"	no

Outputs

Name	Description
access_point_arns	ARNs of created access points.
access_point_ids	IDs of created access points.
arn	ARN of filesystem.
dns_name	DNS address of filesystem.
id	Id of filesystem.
kms_key_id	ID of the KMS key used to encrypt the EFS.
number_of_mount_targets	Number of mount targets of the EFS file system.
size_in_bytes	Size of the EFS file system.

Providers

Name	Version
aws	>= 5.35
random	>= 3.4

Resources

• resource.aws_efs_access_point.main (main.tf#48)
• resource.aws_efs_file_system.main (main.tf#3)
• resource.aws_efs_file_system_policy.main (main.tf#41)
• resource.aws_efs_mount_target.main (main.tf#32)
• resource.random_uuid.main (main.tf#1)
• data source.aws_iam_policy_document.main (data.tf#1)

Examples

Basic Example

module "basic-example" {
  source = "../../"

  name = var.storage_name

  private_subnets = var.private_subnets
  security_groups = var.security_groups
}

with enhanced Backups

module "with-enhanced-backups" {
  source = "../../"

  name            = "efs1"
  private_subnets = ["subnet-12345678", "subnet-12345678"]
  security_groups = ["sg-12345678"]

  enable_enhanced_backups = true
}