Wednesday, July 8, 2020

VPC Flow Logs


- https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html
- A feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow log data can be published to Amazon CloudWatch Logs or Amazon S3. After you've created a flow log, you can retrieve and view its data in the chosen destination.
- Can be enabled at three levels: the whole VPC, a subnet, or a single network interface (NIC); each level captures traffic for every interface it covers
- Can specify what traffic to capture: accepted / rejected / all
- Limitations:
  - Can't tag flows
  - Can't change a flow log's configuration after it's created
  - Can't enable VPC-to-VPC logging unless both are under the same account
  - Not real time – takes approx. 10 min to collect
  - Not all traffic is captured – the exceptions are documented, e.g.:
    - From EC2 to Route 53 – can't capture
    - From EC2 to my own DNS – can capture
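
As an added example (not part of the original post or of AWS's own tooling), here is a small Python parser for the default flow log record format linked above, used to summarise REJECT records per source address; the log lines, account id and interface id are constructed sample values, and the port-count threshold is a hypothetical parameter.

```python
"""Parse VPC Flow Log records (default format, version 2) and summarise
rejected flows per source address. All sample records are constructed."""
from collections import Counter

# Field order of the default flow log format, per the AWS docs linked above.
FIELDS = ("version", "account_id", "interface_id", "srcaddr", "dstaddr",
          "srcport", "dstport", "protocol", "packets", "bytes",
          "start", "end", "action", "log_status")

# Constructed sample records (not real traffic); the last one is a NODATA record.
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d 203.0.113.12 10.0.1.5 44321 22 6 6 360 1594224000 1594224060 REJECT OK
2 123456789012 eni-0a1b2c3d 10.0.1.5 10.0.2.9 51000 443 6 20 4000 1594224000 1594224060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.12 10.0.1.5 44322 3389 6 4 240 1594224000 1594224060 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.5 40000 22 6 3 180 1594224000 1594224060 REJECT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1594224000 1594224060 - NODATA
"""

def parse_record(line):
    """Return a dict for one record, or None for malformed or NODATA/SKIPDATA lines."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":   # NODATA / SKIPDATA carry no traffic fields
        return None
    for key in ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end"):
        rec[key] = int(rec[key])
    return rec

def rejected_by_source(log_text, min_distinct_ports=1):
    """Count REJECT records per source address and the distinct destination ports hit.
    Returns {srcaddr: (reject_count, sorted_dst_ports)} for sources that reached
    at least min_distinct_ports distinct destination ports (hypothetical threshold)."""
    counts, ports = Counter(), {}
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec is None or rec["action"] != "REJECT":
            continue
        counts[rec["srcaddr"]] += 1
        ports.setdefault(rec["srcaddr"], set()).add(rec["dstport"])
    return {src: (n, sorted(ports[src])) for src, n in counts.items()
            if len(ports[src]) >= min_distinct_ports}

if __name__ == "__main__":
    for src, (n, dports) in rejected_by_source(SAMPLE_LOG).items():
        print(f"{src}: {n} rejected flows to ports {dports}")
```

Remember the caveats above when reading the output: records arrive with roughly a 10 minute delay, and traffic to the Route 53 resolver never appears at all.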
  
