<
This module has a few dependencies:
This Terraform module creates an AWS efs along with additional configuration options.
For detailed examples on how to use this module, please refer to the Examples directory within this repository.
Your Name Replace MIT and slovink with the appropriate license and your information. Feel free to expand this README with additional details or usage instructions as needed for your specific use case.
This project is licensed under the MIT License - see the LICENSE file for details.
If you come accross a bug or have any feedback, please log it in our issue tracker, or feel free to drop us an email at concat@slovink.com.
If you have found it worth your time, go ahead and give us a ★ on our GitHub!
At [slovink][ https://slovink.com/], we offer expert guidance, implementation support and services to help organisations accelerate their journey to the cloud. Our services include docker and container orchestration, cloud migration and adoption, infrastructure automation, application modernisation and remediation, and performance engineering.
We are The Cloud Experts!
We ❤️ Open Source and you can check out our other modules to get help with your new Cloud ideas.
IMPORTANT: Since the master branch used in source varies based on new modifications, we suggest that you use the release versions here.
Here is an example of how you can use this module in your inventory structure:
module "efs" {
source = "https://github.com/slovink/terraform-aws-efs.git?ref=v1.0.0"
name = "efs"
environment = "test"
creation_token = "changeme"
availability_zones = local.availability_zones
vpc_id = module.vpc.id
subnets = module.subnets.public_subnet_id
security_groups = [module.vpc.vpc_default_security_group_id]
efs_backup_policy_enabled = true
allow_cidr = [module.vpc.vpc_cidr_block] #vpc_cidr
replication_enabled = true
replication_configuration_destination = {
region = "eu-west-1"
availability_zone_name = ["eu-west-1a", "eu-west-1b"]
}
}| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access_point_enabled | n/a | bool |
true |
no |
| allow_cidr | Provide allowed cidr to efs | list(any) |
[] |
no |
| availability_zones | Availability Zone IDs | list(string) |
n/a | yes |
| creation_token | A unique name (a maximum of 64 characters are allowed) used as reference when creating the EFS | string |
n/a | yes |
| efs_backup_policy_enabled | If true, it will turn on automatic backups. |
bool |
true |
no |
| efs_enabled | Set to false to prevent the module from creating any resources | bool |
true |
no |
| encrypted | If true, the file system will be encrypted | bool |
true |
no |
| environment | Environment (e.g. prod, dev, staging). |
string |
"test" |
no |
| kms_key_id | The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true. | string |
"" |
no |
| label_order | label order, e.g. name,application |
list(any) |
[ |
no |
| managedby | ManagedBy, eg 'slovink'. | string |
"hello@slovink.com" |
no |
| mount_target_description | n/a | string |
"" |
no |
| mount_target_ip_address | The address (within the address range of the specified subnet) at which the file system may be mounted via the mount target | string |
null |
no |
| name | Solution name, e.g. app |
string |
"" |
no |
| performance_mode | The file system performance mode. Can be either generalPurpose or maxIO |
string |
"generalPurpose" |
no |
| provisioned_throughput_in_mibps | The throughput, measured in MiB/s, that you want to provision for the file system. Only applicable with throughput_mode set to provisioned |
string |
0 |
no |
| security_groups | Security group IDs to allow access to the EFS | list(string) |
n/a | yes |
| subnets | Subnet IDs | list(string) |
n/a | yes |
| throughput_mode | Throughput mode for the file system. Defaults to bursting. Valid values: bursting, provisioned. When using provisioned, also set provisioned_throughput_in_mibps |
string |
"bursting" |
no |
| vpc_id | VPC ID | string |
n/a | yes |
| Name | Description |
|---|---|
| arn | EFS ARN |
| id | EFS ID |
| mount_target_ids | List of EFS mount target IDs (one per Availability Zone) |
| mount_target_ips | List of EFS mount target IPs (one per Availability Zone) |
| network_interface_ids | List of mount target network interface IDs |
| tags | The tags of the ecs cluster |
| Name | Version |
|---|---|
| terraform | >= 1.6.4, < 1.7.0 |
| aws | >= 5.32.1 |
| tls | >= 3.0.0 |
| Name | Version |
|---|---|
| aws | >= 5.32.1 |
| Name | Source | Version |
|---|---|---|
| label | git@github.com:slovink/terraform-aws-labels.git | 1.0.0 |
| Name | Type |
|---|---|
| aws_efs_access_point.default | resource |
| aws_efs_backup_policy.policy | resource |
| aws_efs_file_system.default | resource |
| aws_efs_file_system_policy.this | resource |
| aws_efs_mount_target.default | resource |
| aws_efs_replication_configuration.this | resource |
| aws_security_group.default | resource |
| aws_iam_policy_document.policy | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access_point_enabled | n/a | bool |
true |
no |
| allow_cidr | Provide allowed cidr to efs | list(any) |
[] |
no |
| availability_zones | Availability Zone IDs | list(string) |
n/a | yes |
| bypass_policy_lockout_safety_check | A flag to indicate whether to bypass the aws_efs_file_system_policy lockout safety check. Defaults to false |
bool |
false |
no |
| creation_token | A unique name (a maximum of 64 characters are allowed) used as reference when creating the EFS | string |
n/a | yes |
| deny_nonsecure_transport | Determines whether aws:SecureTransport is required when connecting to elastic file system |
bool |
false |
no |
| efs_backup_policy_enabled | If true, it will turn on automatic backups. |
bool |
true |
no |
| efs_enabled | Set to false to prevent the module from creating any resources | bool |
true |
no |
| egress_cidr_blocks | Security group IDs to allow access to the EFS | list(string) |
[ |
no |
| egress_from_port | Security group IDs to allow access to the EFS | number |
0 |
no |
| egress_protocol | Security group IDs to allow access to the EFS | number |
-1 |
no |
| egress_to_port | Security group IDs to allow access to the EFS | number |
0 |
no |
| enable_aws_efs_file_system_policy | A flag to enable or disable aws efs file system policy . Defaults to false |
bool |
false |
no |
| encrypted | If true, the file system will be encrypted | bool |
true |
no |
| environment | Environment (e.g. prod, dev, staging). |
string |
"test" |
no |
| from_port | Security group IDs to allow access to the EFS | number |
2049 |
no |
| kms_key_id | The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true. | string |
"" |
no |
| label_order | label order, e.g. name,application |
list(any) |
[ |
no |
| managedby | ManagedBy, eg 'slovink'. | string |
"hello@slovink.com" |
no |
| mount_target_description | n/a | string |
"this is mount target security group " |
no |
| mount_target_ip_address | The address (within the address range of the specified subnet) at which the file system may be mounted via the mount target | string |
null |
no |
| name | Solution name, e.g. app |
string |
"" |
no |
| override_policy_documents | List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank sids will override statements with the same sid |
list(string) |
[] |
no |
| performance_mode | The file system performance mode. Can be either generalPurpose or maxIO |
string |
"generalPurpose" |
no |
| policy_statements | A list of IAM policy statements for custom permission usage | any |
[] |
no |
| protocol | Security group IDs to allow access to the EFS | string |
"tcp" |
no |
| provisioned_throughput_in_mibps | The throughput, measured in MiB/s, that you want to provision for the file system. Only applicable with throughput_mode set to provisioned |
string |
0 |
no |
| replication_configuration_destination | A destination configuration block | any |
{} |
no |
| replication_enabled | Set to false to prevent the module from creating any resources | bool |
true |
no |
| security_groups | Security group IDs to allow access to the EFS | list(string) |
n/a | yes |
| source_policy_documents | List of IAM policy documents that are merged together into the exported document. Statements must have unique sids |
list(string) |
[] |
no |
| subnets | Subnet IDs | list(string) |
n/a | yes |
| throughput_mode | Throughput mode for the file system. Defaults to bursting. Valid values: bursting, provisioned. When using provisioned, also set provisioned_throughput_in_mibps |
string |
"bursting" |
no |
| to_port | Security group IDs to allow access to the EFS | number |
2049 |
no |
| vpc_id | VPC ID | string |
n/a | yes |
| Name | Description |
|---|---|
| arn | EFS ARN |
| id | EFS ID |
| mount_target_ids | List of EFS mount target IDs (one per Availability Zone) |
| mount_target_ips | List of EFS mount target IPs (one per Availability Zone) |
| network_interface_ids | List of mount target network interface IDs |
| tags | The tags of the ecs cluster |