In AWS:
I am trying to share EFS storage between an EC2 instance and a Lambda function.
I first created an access point, ap-1, for the EC2 instance:
Root directory path: /myapp/files
POSIX user:
  User ID: 1234
  Group ID: 1234
Root directory creation permissions:
  Owner user ID: 1234
  Owner group ID: 1234
  Permissions: 777
And it is working: after I mount the EFS to the EC2 instance through this access point, I can move files and unzip files in the mounted EFS.
However, when I let the Lambda function use ap-1, it fails with Error: EACCES: permission denied when running the mkdir command.
I did some searching and created another access point, ap-2, for the Lambda function:
Root directory path: /myapp/files
POSIX user:
  User ID: 1000
  Group ID: 1000
Root directory creation permissions:
  Owner user ID: 1000
  Owner group ID: 1000
  Permissions: 0777
And it works for the Lambda function.
The key is that I need to set user 1000 in the access point for the Lambda function to use.
I figured that both the EC2 instance and Lambda should use the same access point, since there is no need to use separate ones, so I mounted the EFS to the EC2 instance using ap-2 instead of ap-1.
However, now the EC2 instance is failing with Error: EACCES: permission denied when running the mkdir command in the EFS.
Question:
How can I mount EFS to the EC2 instance and the Lambda function using the same access point?
If I should use separate access points instead, are there any pitfalls when both parties need to access and modify the same file in EFS?