AWS efs medium security documentation change
Summary
Added explicit requirement to allow NFS access on port 2049 in security group configuration
Security assessment
Specifying port 2049 enforces stricter network security controls for NFS access, reducing attack surface by limiting open ports. This directly addresses potential misconfiguration vulnerabilities.
Diff
diff --git a/efs/latest/ug/troubleshooting-efs-mounting.md b/efs/latest/ug/troubleshooting-efs-mounting.md index 33baf3fbd..0649879b5 100644 --- a//efs/latest/ug/troubleshooting-efs-mounting.md +++ b//efs/latest/ug/troubleshooting-efs-mounting.md @@ -158 +158 @@ The file system mount command hangs for a minute or two, and then fails with a t -This error can occur because either the Amazon EC2 instance or the mount target security groups are not configured properly. Make sure that the mount target security group has an inbound rule that allows NFS access from the EC2 security group. For more information, see [Using VPC security groups](./network-access.html). +This error can occur because either the Amazon EC2 instance or the mount target security groups are not configured properly. Make sure that the mount target security group has an inbound rule that allows NFS access on port 2049 from the EC2 security group. For more information, see [Using VPC security groups](./network-access.html).