The service always supports mounting the file system from compute instances using the Network File System (NFS) protocol over the provider network.
Storage / File Storage / Capabilities / DEV
NFS Protocol Mount Access
CCC.FileStor.CP02
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.FileStor.TH01 | Unauthorized NFS Mount Access is Permitted | Network access rules or mount configuration may allow clients outside the intended virtual network scope to mount the file system over NFS. Mount requests from unauthorized clients are accepted and read-write access to the shared namespace is granted. This impacts confidentiality and integrity of stored file content and may affect availability through unauthorized modification or deletion. |
| CCC.FileStor.TH03 | File Content is Modified Through Shared Writable Mount | A writable NFS mount exposed to multiple clients may be used to modify, encrypt, or delete files across the shared namespace without application-level coordination. File content is altered or rendered inaccessible at scale across the mounted file system. This impacts integrity and availability of stored data and dependent workloads. |