Creating a Security Group for the EFS Mount Targets

In the last lesson, we created the mount targets, but we didn’t add security groups. We need to follow up on this now.

The security group needs to allow our WordPress instances within our VPC to access the EFS mount points.

Do you remember how we created the security group for our RDS database?

The steps are the same for the EFS file system (just with a different port).

Let’s quickly recap what we need:

• We need to create the security group in our custom VPC.
• The security group should be named efs-access.
• The description should be Allow EFS access from VPC.
• We need the team=wordpress tag.
• We need to allow access from our VPC with CIDR 10.0.0.0/16 to the mount targets.
• We need to allow access on port 2049 (NFS) via TCP.