AWS: Enable VPC Flow Logs
If you provided a S3 bucket during the stack creation from the CloudFormation template in the previous section, a S3 bucket is created by the template that acts as the destination for the VPC flow logs. Flow logs must be enabled for each of the VPCs.
To enable AWS VPC flow logs, follow the below steps:
Procedure
Step 1 | In the AWS Console, go to the VPCs section. |
Step 2 | Select the VPC and select the Flow Logs tab for that VPC. |
Step 3 | Select All as the filter. |
Step 4 | Select Send to an Amazon S3 bucket as the destination. |
Step 5 | Provide the S3 bucket ARN copied from the tutputs of the CloudFormation template stack. |
Step 6 | Choose Custom Format as the log record format. |
Step 7 | Select all the fields from the log format dropdown. |
Step 8 | Click Create Flow Log. |