EFS without tags

Ce produit n'est pas pris en charge par le site Datadog que vous avez sélectionné. ().
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Metadata

Id: b8a9852c-9943-4973-b8d5-77dae9352851

Cloud Provider: AWS

Platform: Ansible

Severity: Low

Category: Build Process

Learn More

Description

EFS filesystems must have tags defined to support asset identification, tag-based access control, cost allocation, and automated lifecycle or compliance policies. For Ansible tasks using the community.aws.efs or efs modules, the tags property must be present and contain at least one key/value pair. Tasks that omit the tags property or provide an empty mapping are flagged as missing required metadata.

Secure example:

- name: Create EFS filesystem
  community.aws.efs:
    state: present
    name: my-efs
    performance_mode: generalPurpose
    tags:
      Name: my-efs
      Environment: production

Compliant Code Examples

- name: EFS provisioning
  community.aws.efs:
    state: present
    name: myTestEFS
    tags:
      Name: myTestNameTag
      purpose: file-storage
    targets:
      - subnet_id: subnet-748c5d03
        security_groups: [ "sg-1a2b3c4d" ]

Non-Compliant Code Examples

- name: EFS provisioning without tags
  community.aws.efs:
    state: present
    name: myTestEFS
    targets:
      - subnet_id: subnet-748c5d03
        security_groups: [ "sg-1a2b3c4d" ]