modify_mount_target_security_groups

EFS.Client.modify_mount_target_security_groups(**kwargs)

Modifies the set of security groups in effect for a mount target.

When you create a mount target, Amazon EFS also creates a new network interface. For more information, see CreateMountTarget. This operation replaces the security groups in effect for the network interface associated with a mount target, with the SecurityGroups provided in the request. This operation requires that the network interface of the mount target has been created and the lifecycle state of the mount target is not deleted .

The operation requires permissions for the following actions:

  • elasticfilesystem:ModifyMountTargetSecurityGroups action on the mount target's file system.
  • ec2:ModifyNetworkInterfaceAttribute action on the mount target's network interface.

See also: AWS API Documentation

Request Syntax

response = client.modify_mount_target_security_groups(
    MountTargetId='string',
    SecurityGroups=[
        'string',
    ]
)
Parameters
  • MountTargetId (string) --

    [REQUIRED]

    The ID of the mount target whose security groups you want to modify.

  • SecurityGroups (list) --

    An array of up to five VPC security group IDs.

    • (string) --
Returns

None

Exceptions

  • EFS.Client.exceptions.BadRequest
  • EFS.Client.exceptions.InternalServerError
  • EFS.Client.exceptions.MountTargetNotFound
  • EFS.Client.exceptions.IncorrectMountTargetState
  • EFS.Client.exceptions.SecurityGroupLimitExceeded
  • EFS.Client.exceptions.SecurityGroupNotFound

Examples

This operation modifies the security groups associated with a mount target for a file system.

response = client.modify_mount_target_security_groups(
    MountTargetId='fsmt-12340abc',
    SecurityGroups=[
        'sg-abcd1234',
    ],
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}