Require Vpc Flow Logs For All Vpcs

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. After you’ve created a flow log, you can view and retrieve its data in Amazon CloudWatch Logs. It is recommended that VPC Flow Logs be enabled for packet “Rejects” for VPCs.

VPC Flow Logs provide visibility into network traffic that traverses the VPC and can be used to detect anomalous traffic or insight during security workflows.

Impact

Recommended Actions

Follow the appropriate remediation steps below to resolve the issue.

1
2
3
4
5
6
7
8
9

resource "aws_vpc" "example" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_flow_log" "example" {
  log_group_name = "example"
  traffic_type   = "ALL"
  vpc_id         = aws_vpc.example.id
}

Links

• https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/RootDeviceStorage.html