DataSync with EFS Source fails when policy requires encryption in transit.


We have been using data sync with no issues with an EFS drive which does not require encryption in transit. For compliance reasons, we have moved to a drive which requires encryption in transit. DataSync to the new drive fails. When I remove the policy, the task completes. When I restore the policy, the task fails. Now what?

  • Can you please elaborate? Where is the policy being set? Are you introducing encryption in transit in 1, 2 or 3 as per the diagram in

  • Our data is on an EFS drive. That diagram relates to data sitting on on-prem servers, so it is not clear how it applies to the situation in question. The policy was created through the website by checking the "Enforce in-transit encryption for all clients" box on the "File System Policy" tab for the EFS drive in question.

1 Answer
Accepted Answer

Hi Nathan,

DataSync recently released support for EFS TLS 1.2 and utilizing IAM roles for DataSync within EFS file system policies. Now, when creating your EFS location you can specify TLS 1.2 and optionally specify an IAM role as part of the location to be used as a principal inside an EFS file system policy.

The DataSync docs have details on how to accomplish this.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions