Need help?

Our experts have had an average response time of 13.14 minutes in February 2024 to fix urgent issues.

We will keep your servers stable, secure, and fast at all times for one fixed price.

Amazon EFS read-only file system: How to fix

by | Sep 5, 2021

One of the most common queries we get from our AWS customers is “Why is Amazon EFS read-only file system?” We can help you with fixing this issue!

Here at Bobcares, we often handle requests from our customers to fix similar AWS queries.

Today, let’s see the steps followed by our Support Techs to help our customers to fix this ‘unable to write Amazon EFS filesystem issue.

 

Amazon EFS read-only file system

 
There are two common issues that prevent us from writing the Amazon EFS filesysytem and they are:

  • If we set to read-only access for the mount option in the /etc/fstab file.
  • The root access disabled or AWS Identity and IAM policy indicates read-only access.

 

Mount option in the /etc/fstab file

 

  1. For checking the current mount options for the file system, we need to run the following command:
$ mount -t nfs4

For example, the output is:

file-system-id.efs.region.amazonaws.com:/ on /efs type nfs4 (ro,relatime,vers=4.1,rsize=1048576,wsize=1048576,namlen=255,hard,noresvport,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=192.0.2.0,local_lock=none,addr=192.0.0.0)

Here, ro indicates that the filesystem allows read-only access.
2. Now, we can change the mount parameter to read/write access in the /etc/fstab file by editing the file.

file-system-id:/ efs-mount-point efs rw,_netdev 0 0

Here rw indicates that the filesystem allows read/write access.
3. Then to unmount and remount the file system, run the following command.

$ sudo mount -o remount,rw /efs -t efs && mount -t nfs4
file-system-id.efs.region.amazonaws.com:/ on /efs type nfs4 (rw,relatime,vers=4.1,rsize=1048576,wsize=1048576,namlen=255,hard,noresvport,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=190.0.2.0,local_lock=none,addr=190.0.2.0)

4. Finally, we need to confirm that we can write to the file system by creating or editing a file in the file system.
 

Verifying the permissions

 
To verify that the permissions set correctly, we need to follow steps below:

  1. Firstly, log in to the AWS management console and then open the Amazon EFS console.

2. Then select the file system , and then select View details.

3. Select Edit from the File system policy tab.

4. Then we need to uncheck the following options, if it is selected:

Prevent root access by default
Enforce read-only access by default

5. Select the Set policy and then select Save policy.

6. Now for unmounting the file system, run the command :

$ sudo umount /efs

7. Then we need to run the mount command to mount the file system again to apply the changes.

$ sudo mount -t efs -o iam fs-file-system-id /efs

9. To preserve the new mount after reboot, we need to add the following line to the /etc/fstab.

For Mounting with IAM authorization to an instance that has an instance profile:

file-system-id:/ efs-mount-point efs _netdev,iam 0 0

Mount with IAM authorization to a Linux instance using a credentials file:

file-system-id:/ efs-mount-point efs _netdev,iam,awsprofile=namedprofile 0 0

Mount using an EFS access point:

file-system-id efs-mount-point efs _netdev,accesspoint=access-point-id 0 0

10. Finally, we need to confirm that we can write to the file system by creating or editing a file in the file system.

[Need help with more AWS queries? We’d be happy to assist]
 

Conclusion

 
To conclude, today we discussed the steps followed by our Support Engineers to help our customers to fix “Why is Amazon EFS file system read-only ?” issue.

2 Comments

  1. Steve Johnson

    Was so hopeful that this article would point out my problem. But all of this checks out for me, and I still can’t write to my EFS volume. All of the POSIX permissions look right too.

    Reply
    • Hiba Razak

      Hi Steve,
      Our experts can help you with the issue.we will be happy to talk to you through our live chat(click on the icon at right-bottom).

      Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF