Amazon EFS now Supports Additional Permissions for Finer-Grained Control of Directory and File Access

Posted on: Aug 25, 2017

Amazon Elastic File System (Amazon EFS) now supports the use of setgid and sticky bit special permissions on directories. This new capability allows you to further customize access permissions for shared directories across a set of file system users. When the setgid permission is set on a directory, files created in the directory belong to the group associated with the directory (instead of the group to which the user creating the file belongs). The sticky bit is used to restrict deletion and renaming of files to the owner of the file or directory or to the root user.

Amazon EFS also now supports running binary files that are configured as execute-only. This capability allows you to configure access permissions for executable files such that they can be only executed and not read or written.

These features are available on all new and existing file systems at no additional cost in all Amazon EFS regions. Please visit here to see the full list of supported regions.