- 最新
- 最多得票
- 最多評論
I believe the way you can do this from on-prem would be to use named profiles on your ON PREM Servers
You can mount with IAM authorization using the IAM credentials located in the AWS CLI credentials file ~/.aws/credentials, or the AWS CLI config file ~/.aws/config. If "awsprofile" is not specified, the "default" profile is used.
To mount with IAM authorization to a Linux instance using a credentials file, use the tls, awsprofile, and iam mount options, shown following.
sudo mount -t efs -o tls,iam,awsprofile=namedprofile file-system-id efs-mount-point/
To automatically mount with IAM authorization to a Linux instance using a credentials file, add the following line to the /etc/fstab file on the EC2 instance.
file-system-id:/ efs-mount-point efs _netdev,tls,iam,awsprofile=namedprofile 0 0
REF: https://docs.aws.amazon.com/efs/latest/ug/mounting-IAM-option.html
After that point your connected to EFS using IAM and therefore can apply file system policies: https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html
You will of course need the amazon fs mounter and amazon-efs-utils also https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-mount-helper-direct.html
相關內容
- 已提問 1 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 9 個月前
- AWS 官方已更新 1 年前
Hi Gary,
Thanks for getting back to me.
I'll check this out and get back to you.
Thanks,
Paddy
Cheers Paddy