EFS access points should enforce a user identity

Description

This control verifies whether Amazon EFS access points are configured to enforce a specific user identity. The control is marked as non-compliant if a POSIX user identity is not defined during the creation of the EFS access point.

Amazon EFS access points are designed as application-specific entry points into an EFS file system, simplifying the management of application access to shared data. Access points can enforce a user identity, including the associated POSIX group memberships, for all file system requests made through them.
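The check described above can be reproduced offline against saved output of the EFS DescribeAccessPoints API. The following is an added example, not code from this page or from the vendor; the sample pages, IDs and function names are constructed for illustration, and an access point is treated as compliant only when its `PosixUser` block carries both a `Uid` and a `Gid`.

```python
# Constructed sample data shaped like paginated EFS DescribeAccessPoints responses.
SAMPLE_PAGES = [
    {
        "AccessPoints": [
            {"AccessPointId": "fsap-EXAMPLE-1", "FileSystemId": "fs-EXAMPLE-A",
             "PosixUser": {"Uid": 1001, "Gid": 1001, "SecondaryGids": [2001]}},
            # No PosixUser block: no identity is enforced by this access point.
            {"AccessPointId": "fsap-EXAMPLE-2", "FileSystemId": "fs-EXAMPLE-A",
             "RootDirectory": {"Path": "/shared"}},
        ],
        "NextToken": "constructed-token",
    },
    {
        "AccessPoints": [
            # Defensive case: an empty PosixUser is treated as not enforced.
            {"AccessPointId": "fsap-EXAMPLE-3", "FileSystemId": "fs-EXAMPLE-B",
             "PosixUser": {}},
        ]
    },
]


def evaluate_access_point(ap):
    """Return a finding for one access point description."""
    posix = ap.get("PosixUser") or {}
    enforced = "Uid" in posix and "Gid" in posix
    identity = None
    if enforced:
        identity = (posix["Uid"], posix["Gid"], tuple(posix.get("SecondaryGids", [])))
    return {
        "access_point": ap.get("AccessPointId"),
        "file_system": ap.get("FileSystemId"),
        "status": "COMPLIANT" if enforced else "NON_COMPLIANT",
        "identity": identity,  # (uid, gid, secondary gids) when enforced
    }


def evaluate_pages(pages):
    """Evaluate every access point across all response pages."""
    return [evaluate_access_point(ap)
            for page in pages
            for ap in page.get("AccessPoints", [])]


def non_compliant_ids(pages):
    """IDs of access points that do not enforce a user identity."""
    return [f["access_point"] for f in evaluate_pages(pages)
            if f["status"] == "NON_COMPLIANT"]


if __name__ == "__main__":
    for finding in evaluate_pages(SAMPLE_PAGES):
        print(finding)
```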

Remediation

For details on configuring a user identity for an Amazon EFS access point, refer to the "Enforcing a user identity using an access point" section in the Amazon Elastic File System User Guide.