## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= v1.1.9 |
| [aws](#requirement\_aws) | >= 4.13.0 |
| [external](#requirement\_external) | 2.2.2 |
## Providers
| Name | Version |
|------|---------|
| [aws.primary](#provider\_aws.primary) | 4.19.0 |
| [aws.replica](#provider\_aws.replica) | 4.19.0 |
| [external](#provider\_external) | 2.2.2 |
## Modules
| Name | Source | Version |
|------|--------|---------|
| [efs\_kms](#module\_efs\_kms) | github.com/aws-samples/aws-tf-kms//modules/aws/kms | v1.0.0 |
## Resources
| Name | Type |
|------|------|
| [aws_efs_access_point.efs_ap](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_access_point) | resource |
| [aws_efs_file_system_policy.efs_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system_policy) | resource |
| [aws_efs_mount_target.efs_mount](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_mount_target) | resource |
| [aws_efs_replication_configuration.efs_replication](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_replication_configuration) | resource |
| [aws_security_group.efs_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
| [aws_security_group_rule.egress_efs_sg](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [efs\_name](#input\_efs\_name) | A unique name to reference the EFS replica. | `string` | n/a | yes |
| [project](#input\_project) | Project name (prefix/suffix) to be used for all the resource identifications | `string` | n/a | yes |
| [replica\_region](#input\_replica\_region) | The AWS Region e.g. us-west-1 where replica will be created | `string` | n/a | yes |
| [source\_efs\_id](#input\_source\_efs\_id) | EFS File System ID for the source EFS in the `primary_region`,
for which replication will be created in the `replica_region` | `string` | n/a | yes |
| [subnet\_tags](#input\_subnet\_tags) | Tags to discover target subnets in the VPC in the `replica_region`, these tags should identify one or more subnets | `map(string)` | n/a | yes |
| [vpc\_tags](#input\_vpc\_tags) | Tags to discover target VPC in the `replica_region`, these tags should uniquely identify a VPC | `map(string)` | n/a | yes |
| [availability\_zone\_name](#input\_availability\_zone\_name) | The AWS Availability Zone where read-only EFS replication will be provisioned.
For example: "us-west-1b"
If null, EFS replication with use regional storage class | `string` | `null` | no |
| [efs\_access\_point\_specs](#input\_efs\_access\_point\_specs) | List of EFS Access Point Specs that will be created in the replica EFS.
- `efs_ap`, required. Unique name to identify access point
- `uid`, required. e.g. 0
- `gid`, required. e.g. 0
- `secondary_gids`, required. e.g. []
- `root_path`, required. e.g. /{env}/{project}/{purpose}/{name}
- `owner_uid`, required. e.g. 0
- `owner_gid`, required. e.g. 0
- `root_permission`, required e.g. 0755
- `principal_arns`, required. User or Role ARNs that need access to this access point e.g. ["*"] | list(object({
efs_ap = string
uid = number
gid = number
secondary_gids = list(number)
root_path = string
owner_uid = number
owner_gid = number
root_permission = string
principal_arns = list(string)
})) | `[]` | no |
| [env\_name](#input\_env\_name) | Environment name e.g. dev, prod | `string` | `"dev"` | no |
| [kms\_admin\_roles](#input\_kms\_admin\_roles) | List Administrator roles for KMS.
Provide at least one Admin role if `kms_alias` is empty | `list(string)` | `[]` | no |
| [kms\_alias](#input\_kms\_alias) | The alias for an existing AWS KMS key in the replica region.
if null, a new AWS KMS Key is created in the replica region | `string` | `null` | no |
| [security\_group\_tags](#input\_security\_group\_tags) | Tags to discover an existing security group for the EFS replica.
These tags should uniquely identify a security group
if null, new Security Group will be created | `map(string)` | `null` | no |
| [tags](#input\_tags) | Common and mandatory tags for the resources | `map(string)` | `{}` | no |
## Outputs
| Name | Description |
|------|-------------|
| [efs](#output\_efs) | Elastic File System info for the replicated EFS |
| [efs\_ap](#output\_efs\_ap) | Elastic File System Access Point info |
| [efs\_kms\_aliases](#output\_efs\_kms\_aliases) | Outputs from KMS module key\_aliases |
| [efs\_kms\_policies](#output\_efs\_kms\_policies) | Outputs from KMS module key\_policies |