Hi guys,
I'm trying to copy data from efs that is in us-east-1 to a s3 in us-east-1, so I created a new datasync to do the job.
The mount target is the ip address of the EFS filesystem and it's complaining about security group issue.
Here is the error:
Task failed to access location loc-0426eaa718cb13c76: x40016: Failed to connect to EFS mount target with IP: 10.107.196.128. Please ensure that mount target's security group allows 2049 ingress from the DataSync security group or hosts within the mount target's subnet. The DataSync security group should also allow all egress to the EFS mount target and its security group.
I am having hard time deciphering the 2 statements.
- Please ensure that mount target's security group allows 2049 ingress from the DataSync security group or hosts within the mount target's subnet.
Is the mount target the EFS or the EC2 instance that EFS is mounted on? If I am not mistaken, EFS do not have security groups but the EC2 instance does, so is the 1st statement asking me to ensure that EC2 instance security group allow 2049 in bound from DataSync security group?
- The DataSync security group should also allow all egress to the EFS mount target and its security group.
after creating DataSync security group, do I add this new group to the EC2 instance that EFS is mounted to?
Thank you.