Skip to content

Commit cbf130e

Browse files
pahudpahud
authored
feat(efs): allow to specify az for one-zone (#30010)
### Issue # (if applicable) This PR allows users to specify AZ for the one-zone filesystems through the `vpcSubnets.availabilityZones`. Before this PR, `vpcSubnets` is not allowed when `oneZone` is enabled, this PR removes the restriction and takes the following use cases into considerations: - [x] create a regional EFS file system with a mount target for each AZ - [x] create a one-zone EFS file system with mount target at the auto-selected AZ - [x] create a one-zone EFS file system at specified AZ with a single mount target at that AZ - [x] create a regional EFS file system with a single mount target at the specified AZ Closes #30005 ### Reason for this change ### Description of changes ### Description of how you validated changes 1. Add additional unit tests. 2. I have deployed the code below and validated from my AWS console. ```ts // create a regional EFS file system with a mount target for each AZ new FileSystem(stack, 'FileSystem1', { vpc, }); // create a one-zone EFS file system with mount target at the auto-selected AZ new FileSystem(stack, 'FileSystem2', { vpc, oneZone: true, }); // create a one-zone EFS file system at specified AZ with a single mount target at that AZ new FileSystem(stack, 'FileSystem3', { vpc, oneZone: true, vpcSubnets: { availabilityZones: [vpc.availabilityZones[1]], }, }); // create a regional EFS file system with a single mount target at the specified AZ new FileSystem(stack, 'FileSystem4', { vpc, vpcSubnets: { availabilityZones: [vpc.availabilityZones[2]], }, }); ``` ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
1 parent c389a8b commit cbf130e

File tree

11 files changed

+607
-263
lines changed

11 files changed

+607
-263
lines changed

packages/@aws-cdk-testing/framework-integ/test/aws-efs/test/integ.efs-filesystem-one-zone.js.snapshot/asset.4554b47be6f57b68c6c7a7391dcc73894866d2377fe174883351e7639097f292/__entrypoint__.js

-147
This file was deleted.

packages/@aws-cdk-testing/framework-integ/test/aws-efs/test/integ.efs-filesystem-one-zone.js.snapshot/asset.bde7b5c89cb43285f884c94f0b9e17cdb0f5eb5345005114dd60342e0b8a85a1/__entrypoint__.js

+155
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/@aws-cdk-testing/framework-integ/test/aws-efs/test/integ.efs-filesystem-one-zone.js.snapshot/asset.4554b47be6f57b68c6c7a7391dcc73894866d2377fe174883351e7639097f292/index.js renamed to packages/@aws-cdk-testing/framework-integ/test/aws-efs/test/integ.efs-filesystem-one-zone.js.snapshot/asset.bde7b5c89cb43285f884c94f0b9e17cdb0f5eb5345005114dd60342e0b8a85a1/index.js

File renamed without changes.

packages/@aws-cdk-testing/framework-integ/test/aws-efs/test/integ.efs-filesystem-one-zone.js.snapshot/manifest.json

+19-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/@aws-cdk-testing/framework-integ/test/aws-efs/test/integ.efs-filesystem-one-zone.js.snapshot/test-efs-one-zone-integ.assets.json

+5-5
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/@aws-cdk-testing/framework-integ/test/aws-efs/test/integ.efs-filesystem-one-zone.js.snapshot/test-efs-one-zone-integ.template.json

+84-1
Original file line numberDiff line numberDiff line change
@@ -489,7 +489,7 @@
489489
"S3Bucket": {
490490
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
491491
},
492-
"S3Key": "4554b47be6f57b68c6c7a7391dcc73894866d2377fe174883351e7639097f292.zip"
492+
"S3Key": "bde7b5c89cb43285f884c94f0b9e17cdb0f5eb5345005114dd60342e0b8a85a1.zip"
493493
},
494494
"Timeout": 900,
495495
"MemorySize": 128,
@@ -589,6 +589,89 @@
589589
"Ref": "VpcPrivateSubnet1Subnet536B997A"
590590
}
591591
}
592+
},
593+
"FileSystem2C84D7800": {
594+
"Type": "AWS::EFS::FileSystem",
595+
"Properties": {
596+
"AvailabilityZoneName": {
597+
"Fn::Select": [
598+
1,
599+
{
600+
"Fn::GetAZs": ""
601+
}
602+
]
603+
},
604+
"Encrypted": true,
605+
"FileSystemPolicy": {
606+
"Statement": [
607+
{
608+
"Action": [
609+
"elasticfilesystem:ClientRootAccess",
610+
"elasticfilesystem:ClientWrite"
611+
],
612+
"Condition": {
613+
"Bool": {
614+
"elasticfilesystem:AccessedViaMountTarget": "true"
615+
}
616+
},
617+
"Effect": "Allow",
618+
"Principal": {
619+
"AWS": "*"
620+
}
621+
}
622+
],
623+
"Version": "2012-10-17"
624+
},
625+
"FileSystemTags": [
626+
{
627+
"Key": "Name",
628+
"Value": "test-efs-one-zone-integ/FileSystem2"
629+
}
630+
]
631+
},
632+
"UpdateReplacePolicy": "Retain",
633+
"DeletionPolicy": "Retain"
634+
},
635+
"FileSystem2EfsSecurityGroup2AF8F758": {
636+
"Type": "AWS::EC2::SecurityGroup",
637+
"Properties": {
638+
"GroupDescription": "test-efs-one-zone-integ/FileSystem2/EfsSecurityGroup",
639+
"SecurityGroupEgress": [
640+
{
641+
"CidrIp": "0.0.0.0/0",
642+
"Description": "Allow all outbound traffic by default",
643+
"IpProtocol": "-1"
644+
}
645+
],
646+
"Tags": [
647+
{
648+
"Key": "Name",
649+
"Value": "test-efs-one-zone-integ/FileSystem2"
650+
}
651+
],
652+
"VpcId": {
653+
"Ref": "Vpc8378EB38"
654+
}
655+
}
656+
},
657+
"FileSystem2EfsMountTargetPrivateSubnet26E5947D6": {
658+
"Type": "AWS::EFS::MountTarget",
659+
"Properties": {
660+
"FileSystemId": {
661+
"Ref": "FileSystem2C84D7800"
662+
},
663+
"SecurityGroups": [
664+
{
665+
"Fn::GetAtt": [
666+
"FileSystem2EfsSecurityGroup2AF8F758",
667+
"GroupId"
668+
]
669+
}
670+
],
671+
"SubnetId": {
672+
"Ref": "VpcPrivateSubnet2Subnet3788AAA1"
673+
}
674+
}
592675
}
593676
},
594677
"Parameters": {

0 commit comments

Comments
 (0)