AWS efs documentation change
Summary
Added '-o tls' as a mount option alongside '-o iam' in troubleshooting instructions
Security assessment
Addition of TLS mount option documents encryption in transit capabilities, which is a security feature. However, there's no evidence this addresses a specific security vulnerability.
Diff
diff --git a/efs/latest/ug/troubleshooting-efs-mounting.md index 6c2ee0d1e..d52b0d772 100644 --- a/efs/latest/ug/troubleshooting-efs-mounting.md +++ b/efs/latest/ug/troubleshooting-efs-mounting.md @@ -30 +30 @@ This issue can occur if your NFS client does not have permission to mount the fi -If you are attempting to mount the file system using IAM, make sure you are using the `-o iam` option in your mount command. This tells the EFS mount helper to pass your credentials to the EFS mount target. If you still don't have access, check your file system policy and your identity policy to ensure there are no DENY clauses that apply to your connection, and that there is at least one ALLOW clause that applies to the connection. For more information, see [Using IAM to control file system data access](./iam-access-control-nfs-efs.html) and [Creating file system policies](./create-file-system-policy.html). +If you are attempting to mount the file system using IAM, make sure you are using the `-o iam` or -o tls option in your mount command. This tells the EFS mount helper to pass your credentials to the EFS mount target. If you still don't have access, check your file system policy and your identity policy to ensure there are no DENY clauses that apply to your connection, and that there is at least one ALLOW clause that applies to the connection. For more information, see [Using IAM to control file system data access](./iam-access-control-nfs-efs.html) and [Creating file system policies](./create-file-system-policy.html).