efs - create and maintain EFS file systems

New in version 2.2.


  • Module allows create, search and destroy Amazon EFS file systems


parameter required default choices comments
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.

aliases: ec2_access_key, access_key
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.

aliases: ec2_secret_key, secret_key
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
no None
ID of Amazon EFS. Either name or ID required for delete.
no None
Creation Token of Amazon EFS file system. Required for create. Either name or ID required for delete.
no general_purpose
  • general_purpose
  • max_io
File system's performance mode to use. Only takes effect during creation.
(added in 1.6)
Uses a boto profile. Only works with boto >= 2.24.0.
(added in 1.6)
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.

aliases: access_token
no present
  • present
  • absent
Allows to create, search and destroy Amazon EFS file system
no None
List of tags of Amazon EFS. Should be defined as dictionary In case of 'present' state with list of tags and existing EFS (matched by 'name'), tags of EFS will be replaced with provided data.
no None
List of mounted targets. It should be a list of dictionaries, every dictionary should include next attributes: - subnet_id - Mandatory. The ID of the subnet to add the mount target in. - ip_address - Optional. A valid IPv4 address within the address range of the specified subnet. - security_groups - Optional. List of security group IDs, of the form 'sg-xxxxxxxx'. These must be for the same VPC as subnet specified This data may be modified for existing EFS using state 'present' and new list of mount targets.
(added in 1.5)
no yes
  • yes
  • no
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
no no
  • yes
  • no
In case of 'present' state should wait for EFS 'available' life cycle state (of course, if current state not 'deleting' or 'deleted') In case of 'absent' state should wait for EFS 'deleted' life cycle state
How long the module should wait (in seconds) for desired state before returning. Zero means wait as long as necessary.


# EFS provisioning
- efs:
    state: present
    name: myTestEFS
        name: myTestNameTag
        purpose: file-storage
        - subnet_id: subnet-748c5d03
          security_groups: [ "sg-1a2b3c4d" ]

# Modifying EFS data
- efs:
    state: present
    name: myTestEFS
        name: myAnotherTestTag
        - subnet_id: subnet-7654fdca
          security_groups: [ "sg-4c5d6f7a" ]

# Deleting EFS
- efs:
    state: absent
    name: myTestEFS

Return Values

Common return values are documented here Return Values, the following are the fields unique to this module:

name description returned type sample
creation_token EFS creation token None UUID console-88609e04-9a0e-4a2e-912c-feaa99509961
name name of the file system None str my-efs
tags tags on the efs instance None dict {'name': 'my-efs', 'key': 'Value'}
size_in_bytes size of the file system in bytes as of a timestamp None dict {'timestamp': '2015-12-21 13:59:59-05:00', 'value': 12288}
creation_time timestamp of creation date None datetime 2015-11-16 12:30:57
life_cycle_state state of the EFS file system None str creating, available, deleting, deleted
file_system_id ID of the file system None unique ID fs-xxxxxxxx
mount_point url of file system None str
number_of_mount_targets the number of targets mounted None int 3
mount_targets list of mount targets None list of dicts [{'mount_target_id': 'fsmt-d8907871', 'life_cycle_state': 'available', 'file_system_id': 'fs-a7ad440e', 'subnet_id': 'subnet-e265c895', 'network_interface_id': 'eni-6e387e26', 'ip_address': '', 'security_groups': ['sg-a30b22c6'], 'owner_id': '740748460359'}, '...']
performance_mode performance mode of the file system None str generalPurpose
owner_id AWS account ID of EFS owner None str XXXXXXXXXXXX



  • If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence AWS_URL or EC2_URL, AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY or EC2_ACCESS_KEY, AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY or EC2_SECRET_KEY, AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN, AWS_REGION or EC2_REGION
  • Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See
  • AWS_REGION or EC2_REGION can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file


This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.


This module is supported mainly by the community and is curated by core committers.

For more information on what this means please read Module Support

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.