# efs-access-point-enforce-user-identity
<a name="efs-access-point-enforce-user-identity"></a>

Checks if Amazon Elastic File System (Amazon EFS) access points are configured to enforce a user identity. The rule is NON\$1COMPLIANT if 'PosixUser' is not defined or if parameters are provided and there is no match in the corresponding parameter. 



**Identifier:** EFS\$1ACCESS\$1POINT\$1ENFORCE\$1USER\$1IDENTITY

**Resource Types:** AWS::EFS::AccessPoint

**Trigger type:** Configuration changes

**AWS Region:** All supported AWS regions except Asia Pacific (New Zealand), Asia Pacific (Thailand), Asia Pacific (Malaysia), Mexico (Central), Israel (Tel Aviv), Asia Pacific (Taipei), China (Ningxia) Region

**Parameters:**

approvedUids (Optional)Type: CSV  
Comma-separated list of POSIX user ID that are approved for EFS access point user enforcement.

approvedGids (Optional)Type: CSV  
Comma-separated list of POSIX group IDs that are approved for EFS access point user enforcement.

## AWS CloudFormation template
<a name="w2aac20c16c17b7d689c19"></a>

To create AWS Config managed rules with AWS CloudFormation templates, see [Creating AWS Config Managed Rules With AWS CloudFormation Templates](aws-config-managed-rules-cloudformation-templates.md).