Cannot init the EFS volume

[victor-axelsson]

When starting the task, for some reason, the EFS cannot be mounted.

ResourceInitializationError: failed to invoke EFS utils commands to set up EFS volumes: stderr: b'mount.nfs4: mounting fs-<some numbers>.efs.<region>.amazonaws.com:/grafana failed, reason given by server: No such file or directory' : unsuccessful EFS utils command execution; code: 32

It there some misconfiguration with the network or security groups?

[jwavoet]

I solved it by adding an aws_efs_access_point to the ECS service:

resource "aws_efs_access_point" "ecs_service_storage" {
  file_system_id = aws_efs_file_system.ecs_service_storage.id

  posix_user {
    gid = 0
    uid = 472
  }

  root_directory {

    creation_info {
      owner_gid   = 0
      owner_uid   = 472
      permissions = 0755
    }

    path = "/grafana"
  }
}

resource "aws_ecs_task_definition" "ecs_task_definition" {
  family                   = var.service_name
  container_definitions    = local.container_definitions
  network_mode             = "awsvpc"
  cpu                      = var.cpu
  memory                   = var.memory
  requires_compatibilities = ["FARGATE"]
  task_role_arn            = aws_iam_role.ecs_task_role.arn
  execution_role_arn       = aws_iam_role.ecs_task_execution_role.arn

  volume {
    name = "grafana-db"

    efs_volume_configuration {
      file_system_id     = aws_efs_file_system.ecs_service_storage.id
      root_directory     = "/"
      transit_encryption = "ENABLED"
      authorization_config {
        access_point_id = aws_efs_access_point.ecs_service_storage.id
        iam             = "DISABLED"
      }
    }
  }
}

The access point gives the grafana user the correct permissions to write files and folders to EFS.

I created a PR that includes this solution and several other fixes to have this module working again: https://github.com/56kcloud/terraform-grafana/pull/5