This Terraform module provisions an Amazon Elastic File System (EFS) with replication and backup policies.
To use this module, include it in your Terraform configuration.
Example
module "efs" {
source = "git::https://github.com/yadavprakash/terraform-aws-efs.git"
name = "efs"
environment = "test"
creation_token = "changeme"
availability_zones = ["us-west-1a", "us-west-1b"]
vpc_id = module.vpc.vpc_id
subnets = module.subnets.public_subnet_id
security_groups = [module.vpc.vpc_default_security_group_id]
efs_backup_policy_enabled = true
allow_cidr = [module.vpc.vpc_cidr_block]
replication_enabled = true
replication_configuration_destination = {
region = "us-west-1"
availability_zone_name = ["us-west-1a", "us-west-1"]
}
}
For detailed examples on how to use this module, please refer to the examples directory within this repository.
This Terraform module is provided under the MIT License. Please see the LICENSE file for more details.
Your Name Replace MIT and yadavprakash with the appropriate license and your information. Feel free to expand this README with additional details or usage instructions as needed for your specific use case.
Name | Version |
---|---|
terraform | >= 1.5.0 |
aws | >= 5.9.0 |
Name | Version |
---|---|
aws | >= 5.9.0 |
Name | Source | Version |
---|---|---|
label | git::https://github.com/yadavprakash/terraform-aws-labels.git | v1.0.0 |
Name | Type |
---|---|
aws_efs_access_point.default | resource |
aws_efs_backup_policy.policy | resource |
aws_efs_file_system.default | resource |
aws_efs_file_system_policy.this | resource |
aws_efs_mount_target.default | resource |
aws_efs_replication_configuration.this | resource |
aws_security_group.default | resource |
aws_iam_policy_document.policy | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
access_point_enabled | n/a | bool |
true |
no |
allow_cidr | Provide allowed cidr to efs | list(any) |
[] |
no |
availability_zones | Availability Zone IDs | list(string) |
n/a | yes |
bypass_policy_lockout_safety_check | A flag to indicate whether to bypass the aws_efs_file_system_policy lockout safety check. Defaults to false |
bool |
false |
no |
creation_token | A unique name (a maximum of 64 characters are allowed) used as reference when creating the EFS | string |
n/a | yes |
deny_nonsecure_transport | Determines whether aws:SecureTransport is required when connecting to elastic file system |
bool |
false |
no |
efs_backup_policy_enabled | If true , it will turn on automatic backups. |
bool |
true |
no |
efs_enabled | Set to false to prevent the module from creating any resources | bool |
true |
no |
egress_cidr_blocks | Security group IDs to allow access to the EFS | list(string) |
[ |
no |
egress_from_port | Security group IDs to allow access to the EFS | number |
0 |
no |
egress_protocol | Security group IDs to allow access to the EFS | number |
-1 |
no |
egress_to_port | Security group IDs to allow access to the EFS | number |
0 |
no |
enable_aws_efs_file_system_policy | A flag to enable or disable aws efs file system policy . Defaults to false |
bool |
false |
no |
encrypted | If true, the file system will be encrypted | bool |
true |
no |
environment | Environment (e.g. prod , dev , staging ). |
string |
"test" |
no |
from_port | Security group IDs to allow access to the EFS | number |
2049 |
no |
kms_key_id | The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true. | string |
"" |
no |
label_order | label order, e.g. name ,application |
list(any) |
[ |
no |
managedby | ManagedBy, eg 'yadavprakash'. | string |
"yadavprakash" |
no |
mount_target_description | n/a | string |
"this is mount target security group " |
no |
mount_target_ip_address | The address (within the address range of the specified subnet) at which the file system may be mounted via the mount target | string |
null |
no |
name | Solution name, e.g. app |
string |
"" |
no |
override_policy_documents | List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank sid s will override statements with the same sid |
list(string) |
[] |
no |
performance_mode | The file system performance mode. Can be either generalPurpose or maxIO |
string |
"generalPurpose" |
no |
policy_statements | A list of IAM policy statements for custom permission usage | any |
[] |
no |
protocol | Security group IDs to allow access to the EFS | string |
"tcp" |
no |
provisioned_throughput_in_mibps | The throughput, measured in MiB/s, that you want to provision for the file system. Only applicable with throughput_mode set to provisioned |
string |
0 |
no |
replication_configuration_destination | A destination configuration block | any |
{} |
no |
replication_enabled | Set to false to prevent the module from creating any resources | bool |
true |
no |
security_groups | Security group IDs to allow access to the EFS | list(string) |
n/a | yes |
source_policy_documents | List of IAM policy documents that are merged together into the exported document. Statements must have unique sid s |
list(string) |
[] |
no |
subnets | Subnet IDs | list(string) |
n/a | yes |
throughput_mode | Throughput mode for the file system. Defaults to bursting. Valid values: bursting , provisioned . When using provisioned , also set provisioned_throughput_in_mibps |
string |
"bursting" |
no |
to_port | Security group IDs to allow access to the EFS | number |
2049 |
no |
vpc_id | VPC ID | string |
n/a | yes |
Name | Description |
---|---|
arn | EFS ARN |
id | EFS ID |
mount_target_ids | List of EFS mount target IDs (one per Availability Zone) |
mount_target_ips | List of EFS mount target IPs (one per Availability Zone) |
network_interface_ids | List of mount target network interface IDs |
tags | The tags of the ecs cluster |