
Require Vpc Flow Logs For All Vpcs

Severity: MEDIUM
Source: Trivy
ID: AVD-AWS-0178

VPC Flow Logs provide visibility into network traffic that traverses the VPC; they can be used to detect anomalous traffic and to provide insight during security investigations and other security workflows.

Impact

Follow the appropriate remediation steps below to resolve the issue.

Enable flow logs for VPC

resource "aws_vpc" "example" {
  cidr_block = "10.0.0.0/16"
}

# Attaching a flow log to the VPC (via vpc_id) is what satisfies this check.
# traffic_type = "ALL" records both accepted and rejected traffic; ACCEPT or
# REJECT alone would hide half of the picture from detection.
# For a CloudWatch Logs destination the service also needs an IAM role it can
# assume to write the log stream (the iam_role_arn argument), which this
# minimal snippet omits.
resource "aws_flow_log" "example" {
  log_group_name = "example"
  traffic_type   = "ALL"
  vpc_id         = aws_vpc.example.id
}
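The Terraform check above only sees what is declared in code. To confirm the same control holds on a live account, the following added example (not Trivy's or the AVD project's own code) audits a list of VPCs against their flow logs and reports any VPC without an active, VPC-scoped flow log capturing ALL traffic. The dictionary fields used (VpcId, FlowLogId, ResourceId, FlowLogStatus, TrafficType) follow the EC2 DescribeVpcs and DescribeFlowLogs responses; the sample data is constructed for the example, and the function and class names are this example's own.

```python
"""Audit VPCs for missing or incomplete flow logs (added example, not Trivy code).

Input shapes follow EC2 DescribeVpcs / DescribeFlowLogs. To run against a live
account, replace the two constructed sample lists with
ec2.describe_vpcs()["Vpcs"] and ec2.describe_flow_logs()["FlowLogs"] from boto3.
"""

from dataclasses import dataclass

# Constructed sample data shaped like the EC2 API responses.
SAMPLE_VPCS = [
    {"VpcId": "vpc-0aaa", "CidrBlock": "10.0.0.0/16"},
    {"VpcId": "vpc-0bbb", "CidrBlock": "10.1.0.0/16"},
    {"VpcId": "vpc-0ccc", "CidrBlock": "10.2.0.0/16"},
    {"VpcId": "vpc-0ddd", "CidrBlock": "10.3.0.0/16"},
]

SAMPLE_FLOW_LOGS = [
    # Healthy: active, captures all traffic for the whole VPC.
    {"FlowLogId": "fl-1", "ResourceId": "vpc-0aaa",
     "FlowLogStatus": "ACTIVE", "TrafficType": "ALL"},
    # Exists but only captures ACCEPT traffic, so rejected connections are invisible.
    {"FlowLogId": "fl-2", "ResourceId": "vpc-0bbb",
     "FlowLogStatus": "ACTIVE", "TrafficType": "ACCEPT"},
    # Attached to a single subnet of vpc-0ccc, so it does not cover the whole VPC.
    {"FlowLogId": "fl-3", "ResourceId": "subnet-0ccc1",
     "FlowLogStatus": "ACTIVE", "TrafficType": "ALL"},
    # vpc-0ddd has no flow log at all.
]


@dataclass(frozen=True)
class Finding:
    vpc_id: str
    reason: str


def audit_vpc_flow_logs(vpcs, flow_logs):
    """Return one Finding per VPC that lacks an ACTIVE, VPC-scoped flow log.

    A VPC whose only active flow logs capture ACCEPT or REJECT traffic (not ALL)
    is reported too, since that hides part of the traffic from detection.
    """
    # Group flow logs by the resource they are attached to (VPC, subnet or ENI).
    by_resource = {}
    for fl in flow_logs:
        by_resource.setdefault(fl["ResourceId"], []).append(fl)

    findings = []
    for vpc in vpcs:
        vpc_id = vpc["VpcId"]
        # Only logs attached directly to the VPC count as VPC-wide coverage.
        active = [fl for fl in by_resource.get(vpc_id, [])
                  if fl.get("FlowLogStatus") == "ACTIVE"]
        if not active:
            findings.append(Finding(vpc_id, "no active VPC-level flow log"))
        elif not any(fl.get("TrafficType") == "ALL" for fl in active):
            findings.append(Finding(vpc_id, "flow log does not capture ALL traffic"))
    return findings


if __name__ == "__main__":
    for finding in audit_vpc_flow_logs(SAMPLE_VPCS, SAMPLE_FLOW_LOGS):
        print(f"{finding.vpc_id}: {finding.reason}")
```

Subnet- and interface-level flow logs are deliberately not credited to the parent VPC: they may be fine for a targeted investigation, but the control this check enforces is that every VPC as a whole is covered.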