AWS Security ChangesHomeSearch

AWS efs documentation change

Service: efs · 2025-05-16 · Documentation low

File: efs/latest/ug/accessing-fs-nfs-permissions.md

Summary

Updated documentation to use 'EFS' abbreviation consistently instead of 'Amazon EFS' in multiple sections, fixed a link title, and made minor wording adjustments. Corrected a typo in mount helper documentation.

Security assessment

Changes are primarily stylistic (branding abbreviation updates) and typo fixes. No new security controls, vulnerabilities, or mitigations were introduced. Existing security content about IAM policies, root access restrictions, and NFS permissions remains unchanged in substance.

Diff

diff --git a/efs/latest/ug/accessing-fs-nfs-permissions.md b/efs/latest/ug/accessing-fs-nfs-permissions.md
index 05c9e9de1..f1ba57481 100644
--- a//efs/latest/ug/accessing-fs-nfs-permissions.md
+++ b//efs/latest/ug/accessing-fs-nfs-permissions.md
@@ -5 +5 @@
-Example Amazon EFS file system use cases and permissionsUser and group ID permissions for files and directories within a file systemNo root squashingPermissions cachingChanging file system object ownershipEFS access points
+Example EFS file system use cases and permissionsUser and group ID permissions for files and directories within a file systemNo root squashingPermissions cachingChanging file system object ownershipEFS access points
@@ -11 +11 @@ After creating a file system, by default only the root user (UID 0) has read, wr
-Amazon EFS file system objects have a Unix-style mode associated with them. This mode value defines the permissions for performing actions on that object. Users familiar with Unix-style systems can easily understand how Amazon EFS behaves with respect to these permissions.
+EFS file system objects have a Unix-style mode associated with them. This mode value defines the permissions for performing actions on that object. Users familiar with Unix-style systems can easily understand how Amazon EFS behaves with respect to these permissions.
@@ -25 +25 @@ Following, you can find examples of permissions and a discussion about NFS permi
-  * Example Amazon EFS file system use cases and permissions
+  * Example EFS file system use cases and permissions
@@ -40 +40 @@ Following, you can find examples of permissions and a discussion about NFS permi
-## Example Amazon EFS file system use cases and permissions
+## Example EFS file system use cases and permissions
@@ -42 +42 @@ Following, you can find examples of permissions and a discussion about NFS permi
-After you create an Amazon EFS file system and mount targets for the file system in your VPC, you can mount the remote file system locally on your Amazon EC2 instance. The `mount` command can mount any directory in the file system. However, when you first create the file system, there is only one root directory at `/`. The root user and root group own the mounted directory.
+After you create an EFS file system and mount targets for the file system in your VPC, you can mount the remote file system locally on your Amazon EC2 instance. The `mount` command can mount any directory in the file system. However, when you first create the file system, there is only one root directory at `/`. The root user and root group own the mounted directory.
@@ -64 +64 @@ Only the root user can modify this directory. The root user can also grant other
-  * Allow users to write to the Amazon EFS file system root. A user with root privileges can grant other users access to the file system. 
+  * Allow users to write to the EFS file system root. A user with root privileges can grant other users access to the file system. 
@@ -66 +66 @@ Only the root user can modify this directory. The root user can also grant other
-    * To change the Amazon EFS file system ownership to a non-_root_ user and group, use the following:
+    * To change the EFS file system ownership to a non-_root_ user and group, use the following:
@@ -81 +81 @@ This command grants read-write-execute privileges to all users on all EC2 instan
-Files and directories in an Amazon EFS file system support standard Unix-style read, write, and execute permissions based on the user ID and group IDs. When an NFS client mounts an EFS file system without using an access point, the user ID and group ID provided by the client is trusted. You can use EFS access points to override user ID and group IDs used by the NFS client. When users attempt to access files and directories, Amazon EFS checks their user IDs and group IDs to verify that each user has permission to access the objects. Amazon EFS also uses these IDs to indicate the owner and group owner for new files and directories that the user creates. Amazon EFS doesn't examine user or group names—it only uses the numeric identifiers.
+Files and directories in an EFS file system support standard Unix-style read, write, and execute permissions based on the user ID and group IDs. When an NFS client mounts an EFS file system without using an access point, the user ID and group ID provided by the client is trusted. You can use EFS access points to override user ID and group IDs used by the NFS client. When users attempt to access files and directories, Amazon EFS checks their user IDs and group IDs to verify that each user has permission to access the objects. Amazon EFS also uses these IDs to indicate the owner and group owner for new files and directories that the user creates. Amazon EFS doesn't examine user or group names—it only uses the numeric identifiers.
@@ -87 +87 @@ When you create a user on an EC2 instance, you can assign any numeric user ID (U
-If a user accesses an Amazon EFS file system from two different EC2 instances, depending on whether the UID for the user is the same or different on those instances you see different behavior, as follows:
+If a user accesses an EFS file system from two different EC2 instances, depending on whether the UID for the user is the same or different on those instances you see different behavior, as follows:
@@ -91 +91 @@ If a user accesses an Amazon EFS file system from two different EC2 instances, d
-  * If the user IDs aren't the same on both EC2 instances, Amazon EFS considers the users to be different users. The user experience isn't the same when accessing the Amazon EFS file system from the two different EC2 instances.
+  * If the user IDs aren't the same on both EC2 instances, Amazon EFS considers the users to be different users. The user experience isn't the same when accessing the EFS file system from the two different EC2 instances.
@@ -117 +117 @@ By default, root squashing is disabled on EFS file systems. Amazon EFS behaves l
-For more information, see [Using IAM to control file system data access](./iam-access-control-nfs-efs.html).
+For more information, see [Using IAM to control access to file systems](./iam-access-control-nfs-efs.html).
@@ -121 +121 @@ For more information, see [Using IAM to control file system data access](./iam-a
-You can configure Amazon EFS to prevent root access to your Amazon EFS file system for all AWS principals except for a single management workstation. You do this by configuring AWS Identity and Access Management (IAM) authorization for Network File System (NFS) clients.
+You can configure Amazon EFS to prevent root access to your EFS file system for all AWS principals except for a single management workstation. You do this by configuring AWS Identity and Access Management (IAM) authorization for Network File System (NFS) clients.
@@ -127 +127 @@ To do this requires configuring two IAM permissions policies, as follows:
-  * Assign an IAM identity to the Amazon EC2 management workstation that requires root access to the file system by using an Amazon EC2 instance profile. For more information about Amazon EC2 instance profiles, see [Using Instance Profiles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) in the _AWS Identity and Access Management User Guide_.
+  * Assign an IAM identity to the Amazon EC2 management workstation that requires root access to the file system by using an EC2 instance profile. For more information about Amazon EC2 instance profiles, see [Use instance profiles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) in the _AWS Identity and Access Management User Guide_.
@@ -129 +129 @@ To do this requires configuring two IAM permissions policies, as follows:
-  * Assign the `AmazonElasticFileSystemClientFullAccess` AWS managed policy to the IAM role of the management workstation. For more information about AWS managed policies for EFS, see [Identity and access management for Amazon EFS](./security-iam.html).
+  * Assign the `AmazonElasticFileSystemClientFullAccess` AWS managed policy to the IAM role of the management workstation. For more information about AWS managed policies for Amazon EFS, see [Identity and access management for Amazon EFS](./security-iam.html).
@@ -189 +189 @@ Clients that aren't anonymous can get root access to the file system through an
-  5. Install the EFS mount helper on the management workstation. For more information about the EFS mount helper and the amazon-efs-utils package, see [Installing the Amazon EFS client](./using-amazon-efs-utils.html).
+  5. Install the EFS mount helper on the management workstation. For more information about the EFS mount helper mount helper and the amazon-efs-utils package, see [Installing the Amazon EFS client](./using-amazon-efs-utils.html).