codingstuff.io
ExploreTutorialsProblemsCS Subjects
Get Started
ExploreTutorialsProblemsCS Subjects
Get Started
codingstuff.io

Master the art of building software through interactive tutorials, real-world problems, and guided projects.

Pune, Maharashtra, India

codingstuffmail@gmail.com

Product

  • Explore
  • Tutorials
  • Problems
  • CS Subjects

Company

  • About
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • Sitemap

© 2026 codingstuff.io. All rights reserved.

Built with ❤️ for developers everywhere

/
/
All Tutorials
☁️

AWS Cloud

46 / 60 topics
44Introduction to Amazon EFS45Creating an EFS File System46EFS Access Control
Tutorials/AWS Cloud/EFS Access Control
☁️AWS Cloud

EFS Access Control

Updated 2026-05-15
10 min read

EFS Access Control

Introduction

Amazon Elastic File System (EFS) is a scalable, fully managed file storage service that makes it easy to use NFS-based file systems with AWS applications and services. One of the critical aspects of using EFS is ensuring proper access control to protect your data. This tutorial will guide you through understanding and configuring access control for Amazon EFS.

Concept

EFS uses Identity and Access Management (IAM) policies to control who can access the file system, what actions they can perform, and under what conditions those actions can be performed. The main components of EFS access control are:

  1. Permissions: These define what actions users or roles can perform on an EFS file system.
  2. Principals: These are AWS accounts, IAM users, IAM roles, federated users, or assumed-role users that the permissions apply to.
  3. Resources: These are the specific EFS resources that the permissions apply to.

Key Permissions

  • elasticfilesystem:ClientMount: Allows a client to mount an EFS file system.
  • elasticfilesystem:ClientWrite: Allows a client to write to an EFS file system.
  • elasticfilesystem:ClientRootAccess: Allows a client to access the root directory of the EFS file system.

IAM Policies

IAM policies are JSON documents that define permissions. You can attach these policies to users, groups, or roles to grant them specific permissions on EFS resources.

Examples

Example 1: Granting Access to Mount an EFS File System

Let's create an IAM policy that allows a user to mount an EFS file system.

JSON
1{
2"Version": "2012-10-17",
3"Statement": [
4 {
5 "Effect": "Allow",
6 "Action": [
7 "elasticfilesystem:ClientMount"
8 ],
9 "Resource": [
10 "arn:aws:elasticfilesystem:us-west-2:123456789012:file-system/fs-12345678"
11 ]
12 }
13]
14}

Example 2: Granting Write Access to an EFS File System

Now, let's create a policy that allows a user to write to the EFS file system.

JSON
1{
2"Version": "2012-10-17",
3"Statement": [
4 {
5 "Effect": "Allow",
6 "Action": [
7 "elasticfilesystem:ClientWrite"
8 ],
9 "Resource": [
10 "arn:aws:elasticfilesystem:us-west-2:123456789012:file-system/fs-12345678"
11 ]
12 }
13]
14}

Example 3: Attaching Policies to an IAM User

To attach the above policies to an IAM user, you can use the AWS CLI.

Terminal
$ aws iam put-user-policy --user-name my-efs-user --policy-name EFSClientMountPolicy --policy-document file://EFSClientMountPolicy.json
Terminal
$ aws iam put-user-policy --user-name my-efs-user --policy-name EFSClientWritePolicy --policy-document file://EFSClientWritePolicy.json

Example 4: Using AWS Management Console

  1. Go to the IAM console.
  2. Select "Users" and choose the user you want to attach policies to.
  3. Click on the "Permissions" tab.
  4. Click on "Add permissions".
  5. Choose "Attach existing policies directly".
  6. Search for EFSClientMountPolicy and EFSClientWritePolicy.
  7. Click "Next: Review", then "Add permissions".

What's Next?

In this tutorial, we covered the basics of EFS access control using IAM policies. In the next section, we will explore how to use Amazon Athena to query data stored in EFS.

Stay tuned for more tutorials on AWS services and best practices!


PreviousCreating an EFS File SystemNext Introduction to Amazon Athena

Recommended Gear

Creating an EFS File SystemIntroduction to Amazon Athena