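#!/usr/bin/env bash
#
# Create an encrypted-at-rest EFS file system with one mount target in the
# default VPC, using only the AWS CLI, then tear everything down again.
#
# Requirements: the aws CLI on PATH and credentials allowed to call
# ec2:DescribeVpcs/DescribeSubnets/CreateSecurityGroup/
# AuthorizeSecurityGroupIngress/DeleteSecurityGroup and
# elasticfilesystem:Create*/Describe*/Delete* in $REGION.
#
# Usage: ./efs-demo.sh
#   REGION, EFS_FS_NAME and SG_NAME may be overridden through the environment.
#
# Security notes:
#   * NFS (TCP/2049) is admitted only from the VPC CIDR, never from 0.0.0.0/0.
#     In production, narrow this further to the client instances' security
#     group (`--source-group`) instead of a CIDR.
#   * `--encrypted` gives encryption at rest with the AWS-managed EFS key;
#     pass `--kms-key-id` if a customer-managed key is required.
#   * Encryption in transit is chosen at mount time on the client
#     (amazon-efs-utils `-o tls`); nothing here enforces it.
#   * Cleanup runs from an EXIT trap, so a failure half-way through does not
#     leave a file system or an open security group behind.

set -euo pipefail

# --- Configuration ---
readonly REGION="${REGION:-us-east-1}"
readonly EFS_FS_NAME="${EFS_FS_NAME:-MyCLIEFSFileSystem}"
readonly SG_NAME="${SG_NAME:-MyCLIEFS_SG}"

# Resource IDs filled in as the script progresses; cleanup() deletes whatever
# is non-empty, in reverse dependency order.
VPC_ID=""
VPC_CIDR=""
SUBNET_ID=""
SG_ID=""
FILE_SYSTEM_ID=""
MOUNT_TARGET_ID=""

#######################################
# Print an error to stderr and exit non-zero (the EXIT trap then cleans up).
# Arguments: message words
#######################################
die() {
  printf 'Error: %s\n' "$*" >&2
  exit 1
}

#######################################
# True when a `--output text` query result denotes "no such resource".
# With text output a null JMESPath result prints the literal string "None",
# so an empty-string check alone never detects a missing VPC/subnet.
# Arguments: $1 - query result
#######################################
is_missing() {
  [[ -z "$1" || "$1" == "None" ]]
}

#######################################
# Poll a describe command until its text output equals the wanted state.
# Arguments: $1   - human-readable label for log lines
#            $2   - wanted value; "" means "resource no longer exists"
#            $3.. - aws command that prints the current LifeCycleState
# Returns:   0 when the state is reached, 1 after ~10 minutes without it
# Note: a describe call on a deleted resource fails, which is mapped to "";
#       a transient API error therefore also reads as "gone" (best effort).
#######################################
wait_for_state() {
  local label=$1 wanted=$2
  shift 2
  local attempt state
  for ((attempt = 0; attempt < 60; attempt++)); do
    state=$("$@" 2>/dev/null || true)
    if [[ "$state" == "None" ]]; then
      state=""
    fi
    if [[ "$state" == "$wanted" ]]; then
      return 0
    fi
    echo "$label is '${state:-gone}', waiting..."
    sleep 10
  done
  printf 'Timed out waiting for %s to become %s\n' "$label" "${wanted:-deleted}" >&2
  return 1
}

#######################################
# Resolve the default VPC, its CIDR block and one default subnet.
# Globals: VPC_ID, VPC_CIDR, SUBNET_ID (written); REGION (read)
#######################################
lookup_default_network() {
  echo "--- Getting Default VPC and Subnet ID ---"
  local vpc_info
  # Multi-select text output is one tab-separated line: "<vpc-id>\t<cidr>".
  vpc_info=$(aws ec2 describe-vpcs \
    --filters "Name=is-default,Values=true" \
    --query "Vpcs[0].[VpcId,CidrBlock]" \
    --region "$REGION" \
    --output text)
  read -r VPC_ID VPC_CIDR <<<"$vpc_info"
  if is_missing "$VPC_ID" || is_missing "$VPC_CIDR"; then
    die "Could not find a default VPC in $REGION. Exiting."
  fi
  echo "Default VPC ID: $VPC_ID (CIDR $VPC_CIDR)"

  SUBNET_ID=$(aws ec2 describe-subnets \
    --filters "Name=vpc-id,Values=$VPC_ID" "Name=default-for-az,Values=true" \
    --query "Subnets[0].SubnetId" \
    --region "$REGION" \
    --output text)
  if is_missing "$SUBNET_ID"; then
    die "Could not find a default subnet in $VPC_ID. Exiting."
  fi
  echo "Default Subnet ID: $SUBNET_ID"
}

#######################################
# Create a security group that admits NFS (TCP/2049) only from inside the VPC.
# Globals: SG_ID (written); REGION, SG_NAME, VPC_ID, VPC_CIDR (read)
#######################################
create_security_group() {
  printf '\n--- Creating Security Group: %s ---\n' "$SG_NAME"
  SG_ID=$(aws ec2 create-security-group \
    --group-name "$SG_NAME" \
    --description "Allow NFS traffic for EFS" \
    --vpc-id "$VPC_ID" \
    --region "$REGION" \
    --query 'GroupId' --output text)
  if is_missing "$SG_ID"; then
    die "create-security-group returned no GroupId"
  fi

  # Least privilege: the rule is scoped to the VPC CIDR looked up above.
  # (An earlier revision referenced an undefined $VPC_ID_CIDR here, so the
  # call failed and the group was left with no ingress rule at all.)
  aws ec2 authorize-security-group-ingress \
    --group-id "$SG_ID" \
    --protocol tcp \
    --port 2049 \
    --cidr "$VPC_CIDR" \
    --region "$REGION" >/dev/null
  echo "Security Group '$SG_NAME' created with ID: $SG_ID (NFS from $VPC_CIDR)"
}

#######################################
# Create the encrypted EFS file system and wait until it is available.
# Globals: FILE_SYSTEM_ID (written); REGION, EFS_FS_NAME (read)
#######################################
create_file_system() {
  printf '\n--- Creating EFS File System: %s ---\n' "$EFS_FS_NAME"
  FILE_SYSTEM_ID=$(aws efs create-file-system \
    --performance-mode generalPurpose \
    --throughput-mode bursting \
    --encrypted \
    --tags "Key=Name,Value=$EFS_FS_NAME" \
    --region "$REGION" \
    --query 'FileSystemId' --output text)
  if is_missing "$FILE_SYSTEM_ID"; then
    die "create-file-system returned no FileSystemId"
  fi
  echo "EFS File System created with ID: $FILE_SYSTEM_ID. Waiting for it to be available..."
  # LifeCycleState is polled directly rather than via `aws efs wait`, whose
  # waiters are not guaranteed to exist in every CLI release.
  wait_for_state "File system $FILE_SYSTEM_ID" available \
    aws efs describe-file-systems --file-system-id "$FILE_SYSTEM_ID" \
      --query 'FileSystems[0].LifeCycleState' --output text --region "$REGION"
  echo "EFS File System is available."
}

#######################################
# Create one mount target in the default subnet and wait for it.
# Globals: MOUNT_TARGET_ID (written); FILE_SYSTEM_ID, SUBNET_ID, SG_ID,
#          REGION (read)
#######################################
create_mount_target() {
  printf '\n--- Creating Mount Target for EFS File System ---\n'
  MOUNT_TARGET_ID=$(aws efs create-mount-target \
    --file-system-id "$FILE_SYSTEM_ID" \
    --subnet-id "$SUBNET_ID" \
    --security-groups "$SG_ID" \
    --region "$REGION" \
    --query 'MountTargetId' --output text)
  if is_missing "$MOUNT_TARGET_ID"; then
    die "create-mount-target returned no MountTargetId"
  fi
  echo "Mount Target created with ID: $MOUNT_TARGET_ID. Waiting for it to be available..."
  wait_for_state "Mount target $MOUNT_TARGET_ID" available \
    aws efs describe-mount-targets --mount-target-id "$MOUNT_TARGET_ID" \
      --query 'MountTargets[0].LifeCycleState' --output text --region "$REGION"
  echo "Mount Target is available."
}

#######################################
# Delete whatever was created, in reverse dependency order. Installed as the
# EXIT trap, so it also runs after a failed step or an interrupt.
# Globals: MOUNT_TARGET_ID, FILE_SYSTEM_ID, SG_ID, SG_NAME, REGION (read)
# Exits with the status the script was exiting with (or 1 if cleanup failed).
#######################################
cleanup() {
  local rc=$?
  trap - EXIT
  set +e  # best effort: keep deleting even if one step fails
  printf '\n--- Cleaning up resources ---\n'

  if [[ -n "$MOUNT_TARGET_ID" ]]; then
    echo "Deleting Mount Target '$MOUNT_TARGET_ID'..."
    aws efs delete-mount-target \
      --mount-target-id "$MOUNT_TARGET_ID" --region "$REGION" || rc=1
    echo "Waiting for mount target to be deleted..."
    wait_for_state "Mount target $MOUNT_TARGET_ID" "" \
      aws efs describe-mount-targets --mount-target-id "$MOUNT_TARGET_ID" \
        --query 'MountTargets[0].LifeCycleState' --output text --region "$REGION" || rc=1
    echo "Mount Target deleted."
  fi

  if [[ -n "$FILE_SYSTEM_ID" ]]; then
    echo "Deleting EFS File System '$FILE_SYSTEM_ID'..."
    aws efs delete-file-system \
      --file-system-id "$FILE_SYSTEM_ID" --region "$REGION" || rc=1
    echo "Waiting for file system to be deleted..."
    wait_for_state "File system $FILE_SYSTEM_ID" "" \
      aws efs describe-file-systems --file-system-id "$FILE_SYSTEM_ID" \
        --query 'FileSystems[0].LifeCycleState' --output text --region "$REGION" || rc=1
    echo "EFS File System deleted."
  fi

  if [[ -n "$SG_ID" ]]; then
    echo "Deleting Security Group '$SG_NAME'..."
    # The mount target's network interface can linger briefly after the
    # target is reported gone, so retry while the group is still "in use".
    local attempt deleted=0
    for ((attempt = 0; attempt < 12; attempt++)); do
      if aws ec2 delete-security-group --group-id "$SG_ID" --region "$REGION" 2>/dev/null; then
        deleted=1
        break
      fi
      echo "Security group still in use, waiting..."
      sleep 10
    done
    if [[ "$deleted" -eq 1 ]]; then
      echo "Security Group deleted."
    else
      printf 'Warning: could not delete security group %s; remove it manually.\n' "$SG_ID" >&2
      rc=1
    fi
  fi

  printf '\n--- EFS file system demonstration and cleanup complete ---\n'
  exit "$rc"
}

#######################################
# Entry point: build the resources, pause for inspection, then let the EXIT
# trap tear them down.
#######################################
main() {
  command -v aws >/dev/null || die "aws CLI not found on PATH"

  trap cleanup EXIT
  # Turn signals into a normal exit so the EXIT trap (cleanup) still runs.
  trap 'exit 130' INT
  trap 'exit 143' TERM

  lookup_default_network
  create_security_group
  create_file_system
  create_mount_target

  printf '\n--- EFS File System setup complete! ---\n'
  echo "File System ID: $FILE_SYSTEM_ID"
  echo "Mount Target ID: $MOUNT_TARGET_ID"
  echo "You can now mount this EFS file system on an EC2 instance in subnet $SUBNET_ID."

  # EOF on stdin (non-interactive run) is treated like pressing Enter.
  read -r -p "Press Enter to delete the EFS resources..." || true
}

main "$@"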
