## Requirements | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= v1.1.9 | | [aws](#requirement\_aws) | >= 4.13.0 | | [external](#requirement\_external) | 2.2.2 | ## Providers | Name | Version | |------|---------| | [aws](#provider\_aws) | 4.19.0 | | [external](#provider\_external) | 2.2.2 | ## Modules | Name | Source | Version | |------|--------|---------| | [efs\_kms](#module\_efs\_kms) | github.com/aws-samples/aws-tf-kms//modules/aws/kms | v1.0.0 | ## Resources | Name | Type | |------|------| | [aws_efs_access_point.efs_ap](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_access_point) | resource | | [aws_efs_backup_policy.backup_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_backup_policy) | resource | | [aws_efs_file_system.efs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system) | resource | | [aws_efs_file_system_policy.efs_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system_policy) | resource | | [aws_efs_mount_target.efs_mount](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_mount_target) | resource | | [aws_security_group.efs_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource | | [aws_security_group_rule.egress_efs_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [efs\_name](#input\_efs\_name) | A unique name to reference the EFS. | `string` | n/a | yes | | [project](#input\_project) | Project name (prefix/suffix) to be used on all the resources identification | `string` | n/a | yes | | [region](#input\_region) | The AWS Region e.g. us-east-1 for the environment | `string` | n/a | yes | | [availability\_zone\_name](#input\_availability\_zone\_name) | The AWS Availability Zone in which to create the file system.
If not empty, EFS will be created with One Zone storage class.
For example: "us-east-1a"
The `subnet_tags` must identify the target subnets in this AZ.
Not applicable if `efs_id` is provided | `string` | `null` | no | | [backup\_plan](#input\_backup\_plan) | Backup plan for the EFS
Valid values: `AUTO` or `CUSTOM`
Not applicable if `efs_id` is provided | `string` | `"CUSTOM"` | no | | [efs\_access\_point\_specs](#input\_efs\_access\_point\_specs) | List of EFS Access Point Specs that will be created.
- `efs_ap`, required. Unique name to identify access point
- `uid`, required. e.g. 0
- `gid`, required. e.g. 0
- `secondary_gids`, required. e.g. []
- `root_path`, required. e.g. /{env}/{project}/{purpose}/{name}
- `owner_uid`, required. e.g. 0
- `owner_gid`, required. e.g. 0
- `root_permission`, required e.g. 0755
- `principal_arns`, required. User or Role ARNs that need access to this access point e.g. ["*"] |

list(object({
    efs_ap          = string
    uid             = number
    gid             = number
    secondary_gids  = list(number)
    root_path       = string
    owner_uid       = number
    owner_gid       = number
    root_permission = string
    principal_arns  = list(string)
  }))

| `[]` | no | | [efs\_id](#input\_efs\_id) | File System ID. (required, if module is used to create new EFS access point(s) for an existing EFS)
if null, new EFS will be created | `string` | `null` | no | | [efs\_tags](#input\_efs\_tags) | Tags for the EFS.
For example

tags = {
  "BackupPlan" = "EVERY-DAY"
}

| `map(string)` | `{}` | no | | [encrypted](#input\_encrypted) | Should EFS be encrypted?
Not applicable if `efs_id` is provided | `bool` | `true` | no | | [env\_name](#input\_env\_name) | Environment name e.g. dev, prod | `string` | `"dev"` | no | | [kms\_admin\_roles](#input\_kms\_admin\_roles) | List Administrator roles for KMS.
Provide at least one Admin role if `kms_alias` is empty | `list(string)` | `[]` | no | | [kms\_alias](#input\_kms\_alias) | Use the given alias or create a new KMS like alias/{var.project}/efs | `string` | `null` | no | | [performance\_mode](#input\_performance\_mode) | The file system performance mode.
Value values: `generalPurpose` or `maxIO`.
Not applicable if `efs_id` is provided | `string` | `"generalPurpose"` | no | | [provisioned\_throughput\_in\_mibps](#input\_provisioned\_throughput\_in\_mibps) | The throughput, measured in MiB/s.
Only applicable with `throughput_mode` set to `provisioned`.
Not applicable if `efs_id` is provided | `number` | `1` | no | | [security\_group\_tags](#input\_security\_group\_tags) | Tags to discover an existing security group for the new EFS.
These tags should uniquely identify a security group
if null, new Security Group will be created
Not applicable if `efs_id` is provided | `map(string)` | `null` | no | | [subnet\_tags](#input\_subnet\_tags) | Tags to discover target subnets in the VPC, these tags should identify one or more subnets
Required, if `efs_id` is null, i.e. new EFS is being created and mount target(s) are being created | `map(string)` | `null` | no | | [tags](#input\_tags) | Common and mandatory tags for the resources | `map(string)` | `{}` | no | | [throughput\_mode](#input\_throughput\_mode) | Throughput mode for the file system.
Valid values: `bursting`, or `provisioned`.
When using provisioned, also set `provisioned_throughput_in_mibps` (1-1024).
Not applicable if `efs_id` is provided | `string` | `"bursting"` | no | | [transition\_to\_ia](#input\_transition\_to\_ia) | When to transition files to the IA storage class.
Valid values: `NONE`, `AFTER_7_DAYS`, `AFTER_14_DAYS`, `AFTER_30_DAYS`, `AFTER_60_DAYS`, or `AFTER_90_DAYS`.
Not applicable if `efs_id` is provided | `string` | `"AFTER_7_DAYS"` | no | | [vpc\_tags](#input\_vpc\_tags) | Tags to discover target VPC, these tags should uniquely identify a VPC
Required, if `efs_id` is null, i.e. new EFS is being created and mount target(s) are being created | `map(string)` | `null` | no | ## Outputs | Name | Description | |------|-------------| | [efs](#output\_efs) | Elastic File System info | | [efs\_ap](#output\_efs\_ap) | Elastic File System Access Point info | | [efs\_kms\_aliases](#output\_efs\_kms\_aliases) | Outputs from KMS module key\_aliases | | [efs\_kms\_policies](#output\_efs\_kms\_policies) | Outputs from KMS module key\_policies |