AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.
Creates a mount target for a file system. You can then mount the file system on EC2 instances by using the mount target.
You can create one mount target in each Availability Zone in your VPC. All EC2 instances in a VPC within a given Availability Zone share a single mount target for a given file system. If you have multiple subnets in an Availability Zone, you create a mount target in one of the subnets. EC2 instances do not need to be in the same subnet as the mount target in order to access their file system.
You can create only one mount target for a One Zone file system. You must create that mount target in the same Availability Zone in which the file system is located. Use the AvailabilityZoneName
and AvailabiltyZoneId
properties in the DescribeFileSystems response object to get this information. Use the subnetId
associated with the file system's Availability Zone when creating the mount target.
For more information, see Amazon EFS: How it Works .
To create a mount target for a file system, the file system's lifecycle state must be available
. For more information, see DescribeFileSystems .
In the request, provide the following:
After creating the mount target, Amazon EFS returns a response that includes, a MountTargetId
and an IpAddress
. You use this IP address when mounting the file system in an EC2 instance. You can also use the mount target's DNS name when mounting the file system. The EC2 instance on which you mount the file system by using the mount target can resolve the mount target's DNS name to its IP address. For more information, see How it Works: Implementation Overview .
Note that you can create mount targets for a file system in only one VPC, and there can be only one mount target per Availability Zone. That is, if the file system already has one or more mount targets created for it, the subnet specified in the request to add another mount target must meet the following requirements:
If the request satisfies the requirements, Amazon EFS does the following:
IpAddress
, Amazon EFS assigns that IP address to the network interface. Otherwise, Amazon EFS assigns a free address in the subnet (in the same way that the Amazon EC2 CreateNetworkInterface
call does when a request does not specify a primary private IP address).SecurityGroups
, this network interface is associated with those security groups. Otherwise, it belongs to the default security group for the subnet's VPC.Mount target *fsmt-id* for file system *fs-id* `` where `` *fsmt-id* `` is the mount target ID, and `` *fs-id* `` is the ``FileSystemId
.requesterManaged
property of the network interface to true
, and the requesterId
value to EFS
.Each Amazon EFS mount target has one corresponding requester-managed EC2 network interface. After the network interface is created, Amazon EFS sets the NetworkInterfaceId
field in the mount target's description to the network interface ID, and the IpAddress
field to its address. If network interface creation fails, the entire CreateMountTarget
operation fails.
CreateMountTarget
call returns only after creating the network interface, but while the mount target state is still creating
, you can check the mount target creation status by calling the DescribeMountTargets operation, which among other things returns the mount target state.We recommend that you create a mount target in each of the Availability Zones. There are cost considerations for using a file system in an Availability Zone through a mount target created in another Availability Zone. For more information, see Amazon EFS . In addition, by always using a mount target local to the instance's Availability Zone, you eliminate a partial failure scenario. If the Availability Zone in which your mount target is created goes down, then you can't access your file system through that mount target.
This operation requires permissions for the following action on the file system:
elasticfilesystem:CreateMountTarget
This operation also requires permissions for the following Amazon EC2 actions:
ec2:DescribeSubnets
ec2:DescribeNetworkInterfaces
ec2:CreateNetworkInterface
See also: AWS API Documentation
create-mount-target
--file-system-id <value>
--subnet-id <value>
[--ip-address <value>]
[--security-groups <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
--file-system-id
(string)
The ID of the file system for which to create the mount target.
--subnet-id
(string)
The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone.
--ip-address
(string)
Valid IPv4 address within the address range of the specified subnet.
--security-groups
(list)
Up to five VPC security group IDs, of the form
sg-xxxxxxxx
. These must be for the same VPC as subnet specified.(string)
Syntax:
"string" "string" ...
--cli-input-json
(string)
Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
--debug
(boolean)
Turn on debug logging.
--endpoint-url
(string)
Override command's default URL with the given URL.
--no-verify-ssl
(boolean)
By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.
--no-paginate
(boolean)
Disable automatic pagination. If automatic pagination is disabled, the AWS CLI will only make one call, for the first page of results.
--output
(string)
The formatting style for command output.
--query
(string)
A JMESPath query to use in filtering the response data.
--profile
(string)
Use a specific profile from your credential file.
--region
(string)
The region to use. Overrides config/env settings.
--version
(string)
Display the version of this tool.
--color
(string)
Turn on/off color output.
--no-sign-request
(boolean)
Do not sign requests. Credentials will not be loaded if this argument is provided.
--ca-bundle
(string)
The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.
--cli-read-timeout
(int)
The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.
--cli-connect-timeout
(int)
The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.
To use the following examples, you must have the AWS CLI installed and configured. See the Getting started guide in the AWS CLI User Guide for more information.
Unless otherwise stated, all examples have unix-like quotation rules. These examples will need to be adapted to your terminal's quoting rules. See Using quotation marks with strings in the AWS CLI User Guide .
To create a mount target
The following create-mount-target
example creates a mount target for the specified file system.
aws efs create-mount-target \
--file-system-id fs-c7a0456e \
--subnet-id subnet-02bf4c428bexample \
--security-groups sg-068f739363example
Output:
{
"OwnerId": "123456789012",
"MountTargetId": "fsmt-f9a14450",
"FileSystemId": "fs-c7a0456e",
"SubnetId": "subnet-02bf4c428bexample",
"LifeCycleState": "creating",
"IpAddress": "10.0.1.24",
"NetworkInterfaceId": "eni-02d542216aexample",
"AvailabilityZoneId": "use2-az2",
"AvailabilityZoneName": "us-east-2b",
"VpcId": "vpc-0123456789abcdef0"
}
For more information, see Creating mount targets in the Amazon Elastic File System User Guide.
OwnerId -> (string)
Amazon Web Services account ID that owns the resource.
MountTargetId -> (string)
System-assigned mount target ID.
FileSystemId -> (string)
The ID of the file system for which the mount target is intended.
SubnetId -> (string)
The ID of the mount target's subnet.
LifeCycleState -> (string)
Lifecycle state of the mount target.
IpAddress -> (string)
Address at which the file system can be mounted by using the mount target.
NetworkInterfaceId -> (string)
The ID of the network interface that Amazon EFS created when it created the mount target.
AvailabilityZoneId -> (string)
The unique and consistent identifier of the Availability Zone that the mount target resides in. For example,use1-az1
is an AZ ID for the us-east-1 Region and it has the same location in every Amazon Web Services account.
AvailabilityZoneName -> (string)
The name of the Availability Zone in which the mount target is located. Availability Zones are independently mapped to names for each Amazon Web Services account. For example, the Availability Zoneus-east-1a
for your Amazon Web Services account might not be the same location asus-east-1a
for another Amazon Web Services account.
VpcId -> (string)
The virtual private cloud (VPC) ID that the mount target is configured in.