This rule requires that VPC flow logs be enabled to enhance security and monitoring within your VPC.
| Rule | VPC flow logs should be enabled |
| Framework | CISA-cyber-essentials |
| Severity | ✔ High |
Rule Description:
VPC flow logs should be enabled for CISA-cyber-essentials to monitor network traffic and strengthen the security posture of the infrastructure. VPC flow logs capture information about the IP traffic going in and out of network interfaces in the VPC.
Rule Policy:
Troubleshooting Steps:
Necessary Codes (if any):
No specific code is required to enable VPC flow logs. They can be enabled through the AWS Management Console or with AWS CLI commands.
Step-by-Step Guide for Remediation:
Note: Ensure that the IAM role used for creating flow logs has the necessary permissions to write logs to the specified S3 bucket and create/update log groups.
By following these steps, VPC flow logs will be enabled for CISA-cyber-essentials, enhancing the monitoring capabilities and security of the infrastructure.
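An added example, not part of the original rule text: a Python check that evaluates this rule against the JSON returned by `aws ec2 describe-vpcs` and `aws ec2 describe-flow-logs`. The sample data is constructed, and two choices are assumptions of this example: only VPC-level flow logs count, and a flow log whose delivery is failing (the permission problem the note above mentions) is reported as non-compliant.

```python
import json

# Constructed sample data in the shape returned by
# `aws ec2 describe-vpcs` and `aws ec2 describe-flow-logs` (IDs are made up).
SAMPLE_VPCS = json.loads("""{"Vpcs": [
  {"VpcId": "vpc-0aaa111"}, {"VpcId": "vpc-0bbb222"},
  {"VpcId": "vpc-0ccc333"}, {"VpcId": "vpc-0ddd444"}]}""")
SAMPLE_FLOW_LOGS = json.loads("""{"FlowLogs": [
  {"FlowLogId": "fl-01", "ResourceId": "vpc-0aaa111", "FlowLogStatus": "ACTIVE",
   "DeliverLogsStatus": "SUCCESS", "TrafficType": "ALL"},
  {"FlowLogId": "fl-02", "ResourceId": "vpc-0bbb222", "FlowLogStatus": "ACTIVE",
   "DeliverLogsStatus": "FAILED", "DeliverLogsErrorMessage": "Access error",
   "TrafficType": "ALL"},
  {"FlowLogId": "fl-03", "ResourceId": "subnet-0eee555", "FlowLogStatus": "ACTIVE",
   "DeliverLogsStatus": "SUCCESS", "TrafficType": "REJECT"}]}""")


def evaluate_vpcs(vpcs, flow_logs):
    """Return {vpc_id: (status, reason)} for 'VPC flow logs should be enabled'."""
    by_vpc = {}
    for fl in flow_logs.get("FlowLogs", []):
        # Assumption: subnet- or ENI-level flow logs do not cover the whole VPC.
        if fl.get("ResourceId", "").startswith("vpc-"):
            by_vpc.setdefault(fl["ResourceId"], []).append(fl)

    results = {}
    for vpc in vpcs.get("Vpcs", []):
        vpc_id = vpc["VpcId"]
        active = [f for f in by_vpc.get(vpc_id, []) if f.get("FlowLogStatus") == "ACTIVE"]
        delivering = [f for f in active if f.get("DeliverLogsStatus") != "FAILED"]
        if delivering:
            results[vpc_id] = ("COMPLIANT", "active flow log " + delivering[0]["FlowLogId"])
        elif active:
            # The flow log exists but cannot write to its destination, e.g. the
            # IAM role lacks permission on the S3 bucket or log group.
            msg = active[0].get("DeliverLogsErrorMessage", "delivery failed")
            results[vpc_id] = ("NON_COMPLIANT", "delivery failing: " + msg)
        else:
            results[vpc_id] = ("NON_COMPLIANT", "no active VPC-level flow log")
    return results


if __name__ == "__main__":
    for vpc_id, (status, reason) in evaluate_vpcs(SAMPLE_VPCS, SAMPLE_FLOW_LOGS).items():
        print(f"{vpc_id}\t{status}\t{reason}")
```

To run it against a real account, replace the two sample objects with the parsed output of the two CLI commands for each region.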