Skip to main content

access_points

Creates, updates, deletes or gets an access_point resource or lists access_points in a region

Overview

Nameaccess_points
TypeResource
DescriptionThe AWS::EFS::AccessPoint resource creates an EFS access point. An access point is an application-specific view into an EFS file system that applies an operating system user and group, and a file system path, to any file system request made through the access point. The operating system user and group override any identity information provided by the NFS client. The file system path is exposed as the access point's root directory. Applications using the access point can only access data in its own directory and below. To learn more, see [Mounting a file system using EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html).
This operation requires permissions for the elasticfilesystem:CreateAccessPoint action.
Idaws.efs.access_points

Fields

NameDatatypeDescription
access_point_idstring
arnstring
client_tokenstringThe opaque string specified in the request to ensure idempotent creation.
access_point_tagsarrayAn array of key-value pairs to apply to this resource.
For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html).
file_system_idstringThe ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example fs-0123456789abcedf2.
posix_userobjectThe full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.
root_directoryobjectThe directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.
regionstringAWS region.

Methods

NameAccessible byRequired Params
create_resourceINSERTFileSystemId, region
delete_resourceDELETEdata__Identifier, region
update_resourceUPDATEdata__Identifier, data__PatchDocument, region
list_resourcesSELECTregion
get_resourceSELECTdata__Identifier, region

SELECT examples

Gets all access_points in a region.

SELECT
region,
access_point_id,
arn,
client_token,
access_point_tags,
file_system_id,
posix_user,
root_directory
FROM aws.efs.access_points
WHERE region = 'us-east-1';

Gets all properties from an individual access_point.

SELECT
region,
access_point_id,
arn,
client_token,
access_point_tags,
file_system_id,
posix_user,
root_directory
FROM aws.efs.access_points
WHERE region = 'us-east-1' AND data__Identifier = '<AccessPointId>';

INSERT example

Use the following StackQL query and manifest file to create a new access_point resource, using stack-deploy.

/*+ create */
INSERT INTO aws.efs.access_points (
 FileSystemId,
 region
)
SELECT 
'{{ FileSystemId }}',
'{{ region }}';

DELETE example

/*+ delete */
DELETE FROM aws.efs.access_points
WHERE data__Identifier = '<AccessPointId>'
AND region = 'us-east-1';

Permissions

To operate on the access_points resource, the following permissions are required:

Create

elasticfilesystem:CreateAccessPoint,
elasticfilesystem:TagResource,
elasticfilesystem:DescribeAccessPoints

Read

elasticfilesystem:DescribeAccessPoints

Delete

elasticfilesystem:DeleteAccessPoint,
elasticfilesystem:DescribeAccessPoints

List

elasticfilesystem:DescribeAccessPoints

Update

elasticfilesystem:DescribeAccessPoints,
elasticfilesystem:ListTagsForResource,
elasticfilesystem:TagResource,
elasticfilesystem:UntagResource