According to the documentation, it should be possible.
The file system and the Lambda function must be in the same region. A Lambda function in one account can mount a file system in a different account. For this scenario, you configure VPC peering between the function VPC and the file system VPC
However, I didn't find a way how to do that.
VPC peering was configured and my EFS works fine with EC2 instances in different accounts/regions, but there is no way to mount it with the lambda function.
From the console, I can add file system only from lambda's VPC (let's say VPC A) but not from the needed one (let's say VPC B).
In Cloudformation I'm specifying the needed Access Point ARN from VPC B, however, I'm getting the following error: Resource handler returned message: "Lambda must be able to resolve access point arn:aws:elasticfilesystem:eu-west-1:111111111111:access-point/fsap-111111111fffffffff details.
That's not a permission issue as admin permissions were set for test purposes.
For now I'm using multiple EFS for each account/region.
Is it possible to mount a file system from a different account but the same region in order to use a single cross-account EFS?
AWS OFFICIALUpdated 2 years ago
