GitHub shows a basic setup EFS in a VPC

  • VPC and EFS
  • EFS mount target
  • Peer security group between EC2 and EFS, port 2049
Introduction to EFS

Setup EFS for EC2 Instances#

  • cdk to create a efs file system in an existing vpc
  • configure mount point target in the vpc
  • mount the efs to ec2 instances

EFS Stack#

look up the existing vpc

const vpc = cdk.aws_ec2.Vpc.fromLookup(this, 'ExistedVpc', {
region: this.region,
vpcId: props.vpcId,
vpcName: props.vpcName

security group for efs file system

const efsSecurityGroup = new cdk.aws_ec2.SecurityGroup(
securityGroupName: 'EfsSecurityGroup',
vpc: vpc
'associate with security group of the ec2'

efs file system cdk L2 construct

const efs = new cdk.aws_efs.FileSystem(this, 'EfsDemo', {
fileSystemName: 'EfsDemo',
vpc: vpc,
performanceMode: cdk.aws_efs.PerformanceMode.GENERAL_PURPOSE,
securityGroup: efsSecurityGroup
// default mount point target will be created per subnet
// vpcSubnets to select subnet for mount target

Mount FileSystem in an EC2#

  • associate the security of mount targest with ec2 on nfs 2049 port
  • install amazon-efs-utils in ec2
  • mount options and commands
sudo yum install -y amazon-efs-utils
sudo mount -t efs -o tls fs-05ede5fe007965c7b:/ efs