Last changed
Get notified of upcoming product changes, critical vulnerability notifications and patches and more.
Sign InAWS EFS CSI Driver FIPS image. Allows Kubernetes clusters to mount and manage Amazon Elastic File System (EFS) volumes, providing scalable and persistent shared storage.
The image is available on cgr.dev
:
EFS CSI driver requires IAM permissions to interact with your filesystem. This includes an IAM role and policies, as well as a service account and annotation to assume the role.
Refer to the Create an IAM role section of the upstream documentation for steps.
For full instruction, refer to the helm chart documentation.
Below is an example, of how to use the helm chart, using the Chainguard image,
and enabling useFips=true
, which instructs the EFS CSI driver to use the FIPS
service endpoint for AWS EFS:
Add the helm repo:
Install the chart:
EKS supports installation of the efs-csi-driver as an EKS add-on. There are instructions in the upstream documentation.
If you've chosen this installation method, there are two caveats to be aware of:
useFips
argument to force the EFS CSI to use FIPS endpointsYou'll need to patch the efs-csi-controller
deployment to use the Chainguard
image, however this is a step you'll need to repeat each time that you re-deploy
or upgrade the version via EKS add-ons.
Additionally, you'll need to patch the DaemonSets to set
AWS_USE_FIPS_ENDPOINT=true
. For reference, here is what the helm chart is
doing: efs-csi-driver helm chart
Chainguard Images contain software packages that are direct or transitive dependencies. The following licenses were found in the "latest" version of this image:
Apache-2.0
Artistic-1.0-Perl
BSD-1-Clause
BSD-2-Clause
BSD-3-Clause
BSD-4-Clause-UC
CC-PDDC
For a complete list of licenses, please refer to this Image's SBOM.
Software license agreementThis is a FIPS validated image for FedRAMP compliance.
This image is STIG hardened and scanned against the DISA General Purpose Operating System SRG with reports available.
Learn more about STIGsGet started with STIGs