Amazon EFS must have an associated tag

Tags are key-value pairs that you attach to AWS resources to better organize them. They are particularly useful when you have many resources of the same type. By using tags, customers with multiple Amazon EFS can easily access and analyze a specific set by filtering on those that contain the same tag. Two of the key advantages of tagging your Amazon EFS are: Grouping and Filtering and Cost allocation.

Risk Level: Low
Cloud Entity: Amazon Elastic File System (EFS)
CloudGuard Rule ID: D9.AWS.AS.04
Covered by Spectral: Yes
Category: Storage

GSL LOGIC

EFS should have tags

REMEDIATION

From Portal

  1. Navigate to https://console.aws.amazon.com/efs/
  2. Choose the File System in the left navigation panel.
  3. Select the desired file system and click on Tags.
  4. Under Tags, choose Manage tags.
  5. Choose Add tag, and then enter a Tag Key and an optional Value. To add more tags, repeat this step.
  6. Choose Save.

From TF

resource "aws_efs_file_system" "example" {
	creation_token = "FILE_SYSTEM_NAME"
	
	tags = {
		Name = "TAG_NAME"
	}
}

References

  1. https://docs.aws.amazon.com/efs/latest/ug/manage-fs-tags.html
  2. https://docs.aws.amazon.com/efs/latest/ug/API_TagResource.html
  3. https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/efs_file_system

Amazon Elastic File System (EFS)

Amazon Elastic File System (Amazon EFS) provides simple, scalable, elastic file storage for use with AWS Cloud services and on-premises resources. It is easy to use and offers a simple interface that allows you to create and configure file systems quickly and easily. Amazon EFS is built to elastically scale on demand without disrupting applications, growing and shrinking automatically as you add and remove files, so your applications have the storage they need, when they need it.

Compliance Frameworks

  • AWS CloudGuard Best Practices
  • AWS CloudGuard SOC2 based on AICPA TSC 2017
  • AWS HITRUST
  • AWS HITRUST v11.0.0
  • AWS ISO 27001:2013
  • AWS ISO27001:2022
  • AWS ITSG-33
  • AWS MAS TRM Framework
  • AWS MITRE ATT&CK Framework v10
  • AWS NIST 800-53 Rev 5
  • CloudGuard AWS All Rules Ruleset