VIEW RULE IN DATADOG VIEW MISCONFIGURATIONS

Description

This control verifies whether Amazon EFS access points are set up to enforce a specific root directory. The control fails if the Path value is /, which represents the default root directory of the file system.

By enforcing a root directory, NFS clients connecting through the access point are directed to the designated root directory specified on the access point, rather than the default file system root. This ensures data access is restricted, allowing users of the access point to access only the files located within the defined subdirectory.

Remediation

To learn how to configure a root directory for an Amazon EFS access point, refer to the Enforcing a root directory with an access point section in the Amazon Elastic File System User Guide.