Use VPC Flow Logs

2020/3/111 min read

Create Flow logs

Select the VPC to want to use flow logs, click action then click Create flow log.

Setup Destination log group

If you choose to send to CloudWatch logs, you'll have to set up a destination log group. Go to CloudWatch and choose Log groups.

Set up IAM role for flow logs

Click set up permission on the create VPC flow logs page, this UI will only show on old UI, which will create the following policy to enable flow logs to read and write to cloud watch.

Policy Document

 
{
  "Statement": [
    {
      "Action": [
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:DescribeLogGroups",
        "logs:DescribeLogStreams",
        "logs:PutLogEvents"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}

After setup flow logs, when you hit the EC2 using the VPC, you should see the following logs from log groups.

AWS VPC

More Blogs Like This

2023/2/3How to Create AWS EC2 by Terraform6 min read
2022/8/9How to Change DNS Nameservers from Godaddy to Point to AWS Route 531 min read
2021/9/11How to Auto Remediate AWS resources By Using AWS Config1 min read
2021/5/1How to Self-Hosted Sentry.io at AWS EC23 min read
2021/3/7List of AWS CloudTrail Record Fields3 min read