Aws-cdk: [aws-efs] Cannot import an existing EFS Access Point to use with a lambda function

Created on 6 Oct 2020 · 4Comments · Source: aws/aws-cdk

Cannot use efs.AccessPoint.fromAccessPointId() with lambda.FileSystem.fromEfsAccessPoint(). the former returns an IAccessPoint when the later expect an AccessPoint. I think following the CDK guidelines, lambda.FileSystem.fromEfsAccessPoint() should expect an IAccessPoint, not an AccessPoint.

Argument of type 'IAccessPoint' is not assignable to parameter of type 'AccessPoint'.

Reproduction Steps

filesystem: lambda.FileSystem.fromEfsAccessPoint(
  efs.AccessPoint.fromAccessPointId(this, 'ap', props.ap.accessPointId),
  '/mnt/efs',
),

What did you expect to happen?

I would expect the CDK to let me use an existing VPC, FileSytem and AccessPoint for my new Lambda function.

I would also expect the AccessPoint class to provide a fromAccessPointAttributes() method to import the data that would accept AccessPointId and FileSystem attributes.

What actually happened?

I was not able to import an existing AccessPoint. I ended up creating a new AccessPoint within the same stack as my lambda function.

Environment

CLI Version : 1.66.0
Framework Version: 1.66.0
Node.js Version: 12.16.3
OS : Linux Ubuntu 18
Language (Version): TypeScript (3.8.3)

Other

I would expect to have a efs.AccessPoint.fromAccessPointAttributes() to import an Access Point. The fromAccessPointId() doesn't actually import the FileSystem and that's an issue when using it in the lambda function.

Here is an example of how it would look like:

interface LambdaStackProps extends StackProps {
  vpcId: string;
  publicSubnetsId: string[];
  privateSubnetIds: string[];
  availabilityZones: string[];
  efs: efs.IFileSystem;
  ap: efs.IAccessPoint;
  sg: ISecurityGroup;
}

class LambdaStack extends Stack {
  fn: lambda.IFunction;
  constructor(scope: Construct, id: string, props: LambdaStackProps) {
    super(scope, id, props);

    let vpc = Vpc.fromVpcAttributes(this, 'vpc', {
      vpcId: props.vpcId,
      availabilityZones: props.availabilityZones,
      publicSubnetIds: props.publicSubnetsId,
      privateSubnetIds: props.privateSubnetIds,
    });

    let fileSystem = lambda.FileSystem.fromEfsAccessPoint(
      efs.AccessPoint.fromAccessPointAttributes(this, 'ap', {
        accessPointId: props.ap.accessPointId,
        fileSystem: efs.FileSystem.fromFileSystemAttributes(this, 'efs', {
          fileSystemId: props.efs.fileSystemId,
          securityGroup: SecurityGroup.fromSecurityGroupId(this, 'sg', props.sg.securityGroupId),
        }),
      }),
      '/mnt/efs',
    );

    this.fn = new lambda.Function(this, 'lambda', {
      runtime: lambda.Runtime.NODEJS_12_X,
      code: lambda.Code.fromInline('exports.handler = function(event, ctx, cb) { return cb(null, "hi"); }'),
      handler: 'index.handler',
      vpc: vpc,
      filesystem: fileSystem,
    });
  }
}

This is :bug: Bug Report

[x] :wave: I may be able to implement the fix
[x] :warning: This fix might incur a breaking change

@aws-cdaws-efs @aws-cdaws-lambda bug efforsmall in-progress p1

Source

DaWyz

👍1

All 4 comments

I created a Pull Request for this. I would be happy to get feedback on it. Happy to rework if needed.

DaWyz on 6 Oct 2020

❤1

@DaWyz Did you able to make it work, I need to do kind of same work?

hassanazharkhan on 10 Nov 2020

@hassanazharkhan There is an implementation in https://github.com/aws/aws-cdk/pull/10712/files to make it work. You could try using this if you really need to. Otherwise, I would just create a new AccessPoint until this issue is resolved.

DaWyz on 11 Nov 2020

👍1

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.