
Enable VPC Flow Logs Rule

This rule requires VPC flow logs to be enabled for enhanced security monitoring within the network infrastructure.

Rule: VPC flow logs should be enabled
Framework: FedRAMP Moderate Revision 4
Severity: High

Rule Description:

This rule requires VPC flow logs to be enabled, at the VPC level, for every AWS Virtual Private Cloud (VPC) in scope of FedRAMP Moderate Revision 4. A VPC flow log records metadata about the IP traffic going to and from network interfaces in the VPC (source and destination address and port, protocol, packet and byte counts, and whether the traffic was accepted or rejected by security groups and network ACLs); it does not capture packet payloads. Flow logs can be attached to a VPC, a subnet, or a single network interface, and delivered to CloudWatch Logs, Amazon S3, or Kinesis Data Firehose. A VPC-level flow log covers every interface in the VPC, which is what this rule checks for, and gives security operations the network-level audit trail needed to investigate incidents and to demonstrate continuous monitoring.

Troubleshooting Steps (if applicable):

  • Verify that a flow log exists whose resource is the VPC itself and whose status is Active. Flow logs attached only to individual subnets or network interfaces do not satisfy this rule. If none exists, proceed to enable one.
  • Check the delivery permissions for the chosen destination. For CloudWatch Logs, the flow log needs an IAM role that the vpc-flow-logs.amazonaws.com service can assume and that may create log streams and put log events in the target log group; for S3, the bucket policy must allow the log delivery service to write. A flow log that shows a delivery error message is not producing records even though it exists.
  • Confirm that the flow log captures the traffic your monitoring needs. A filter of Accept-only omits rejected connections, which are usually the most interesting for detection; the traffic type, log retention, and encryption of the destination should match your organization's FedRAMP Moderate control implementation.

Necessary Codes (if applicable):

There are no specific codes required for this rule. The same check and remediation can be done from the AWS CLI: the ec2 describe-flow-logs command (filtered by resource-id) shows whether a VPC already has a flow log and what its status and delivery state are, and ec2 create-flow-log creates one, together with the IAM role or bucket policy that the destination requires.

Step-by-Step Guide for Enabling VPC Flow Logs:

Follow the below steps to enable VPC flow logs for FedRAMP Moderate Revision 4 compliance:

Step 1: Access the AWS Management Console

  1. Open a web browser and navigate to the AWS Management Console.
  2. Enter your login credentials to access your AWS account.

Step 2: Navigate to the VPC Dashboard

  1. In the AWS Management Console, search for "VPC" or select "VPC" under the "Services" menu.
  2. Click on the "VPC Dashboard" option.

Step 3: Select the VPC

  1. On the VPC Dashboard, select the VPC for which you want to enable VPC flow logs.
  2. Note its VPC ID. Flow logs are attached per resource (VPC, subnet, or network interface), and only a flow log attached to the VPC itself satisfies this rule.

Step 4: Enable VPC Flow Logs

  1. With the VPC selected, open the "Flow Logs" tab.
  2. Click on the "Create Flow Log" button.
  3. Configure the following settings:
    • For "Filter", choose which traffic to record: Accept, Reject, or All. Choose All unless you have a documented reason not to; Accept-only logging hides blocked connection attempts.
    • For "Maximum aggregation interval", keep the default of 10 minutes or choose 1 minute if you need finer-grained records for detection.
    • For "Destination", choose CloudWatch Logs, Amazon S3, or Kinesis Data Firehose. For CloudWatch Logs, select an existing "Destination log group" or create a new one, and select an "IAM role" that the flow logs service is allowed to assume and that can write to that log group; the role is required, not optional, for this destination.
    • (Optional) Adjust the "Log record format" if you need fields beyond the default format, and set encryption and retention on the destination according to your policy.
  4. Click on the "Create flow log" button to enable the VPC flow log.

Step 5: Verify VPC Flow Logs

  1. After enabling the VPC flow log, allow up to about ten minutes for the first records to appear; records are published per aggregation interval, and initial delivery adds some latency.
  2. Navigate to the "Flow Logs" tab for the VPC.
  3. Verify that the flow log for the VPC shows status Active with no delivery error, and that log streams (one per network interface) are appearing in the destination log group or objects are appearing in the destination bucket.
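The check described in the troubleshooting steps and the remediation walked through above, as an added Python example that is not Cloud Defense's or AWS's code. It evaluates constructed describe-vpcs and describe-flow-logs responses (the same shapes the AWS CLI and boto3 return) against the rule, builds the equivalent aws ec2 create-flow-log command for each non-compliant VPC, and emits the trust and permissions policies for the CloudWatch Logs delivery role. The VPC IDs, the account ID 111122223333, the log group name and the role name are placeholders, and requiring traffic type ALL is an assumption that is stricter than merely "enabled".

```python
"""Evaluate 'VPC flow logs should be enabled' and produce remediation.

The responses below are constructed samples in the shape returned by
`aws ec2 describe-vpcs` and `aws ec2 describe-flow-logs`; IDs are placeholders.
"""
import json
import shlex

VPCS = {"Vpcs": [
    {"VpcId": "vpc-0a1b2c3d4e5f60001"},
    {"VpcId": "vpc-0a1b2c3d4e5f60002"},
    {"VpcId": "vpc-0a1b2c3d4e5f60003"},
]}

FLOW_LOGS = {"FlowLogs": [
    # Healthy VPC-level flow log capturing all traffic.
    {"FlowLogId": "fl-0001", "ResourceId": "vpc-0a1b2c3d4e5f60001",
     "FlowLogStatus": "ACTIVE", "TrafficType": "ALL",
     "LogDestinationType": "cloud-watch-logs", "LogGroupName": "/vpc/flow-logs"},
    # Exists, but only ACCEPT traffic and delivery to CloudWatch is failing.
    {"FlowLogId": "fl-0002", "ResourceId": "vpc-0a1b2c3d4e5f60002",
     "FlowLogStatus": "ACTIVE", "TrafficType": "ACCEPT",
     "LogDestinationType": "cloud-watch-logs", "LogGroupName": "/vpc/flow-logs",
     "DeliverLogsErrorMessage": "Access error"},
    # Subnet-level flow log inside the third VPC: does not satisfy a VPC-level rule.
    {"FlowLogId": "fl-0003", "ResourceId": "subnet-0123456789abcdef0",
     "FlowLogStatus": "ACTIVE", "TrafficType": "ALL",
     "LogDestinationType": "s3", "LogDestination": "arn:aws:s3:::example-flow-logs/"},
]}


def evaluate(vpcs, flow_logs, required_traffic_type="ALL"):
    """Return {vpc_id: [finding, ...]}; an empty list means compliant.

    Requiring a specific traffic type (ALL by default) is an assumption of this
    example; the rule text itself only asks that flow logs be enabled.
    """
    by_resource = {}
    for fl in flow_logs["FlowLogs"]:
        by_resource.setdefault(fl["ResourceId"], []).append(fl)

    results = {}
    for vpc in vpcs["Vpcs"]:
        vpc_id = vpc["VpcId"]
        findings = []
        logs = by_resource.get(vpc_id, [])  # only logs attached to the VPC itself count
        if not logs:
            findings.append("no flow log attached at VPC level")
        else:
            healthy = [fl for fl in logs
                       if fl.get("FlowLogStatus") == "ACTIVE"
                       and not fl.get("DeliverLogsErrorMessage")]
            if not healthy:
                findings.append("flow log exists but is not ACTIVE or delivery is failing")
            if not any(fl.get("TrafficType") == required_traffic_type for fl in healthy):
                findings.append(f"no healthy flow log captures {required_traffic_type} traffic")
        results[vpc_id] = findings
    return results


def remediation_command(vpc_id, log_group, role_arn, traffic_type="ALL"):
    """argv for the AWS CLI call equivalent to the console 'Create flow log' step."""
    return ["aws", "ec2", "create-flow-log",
            "--resource-type", "VPC", "--resource-ids", vpc_id,
            "--traffic-type", traffic_type,
            "--log-destination-type", "cloud-watch-logs",
            "--log-group-name", log_group,
            "--deliver-logs-permission-arn", role_arn]


def delivery_role_policies(account_id="111122223333"):
    """Trust and permissions policies for the role passed as --deliver-logs-permission-arn.

    The SourceAccount condition limits which account's flow logs may assume the
    role (confused-deputy protection); the account ID here is a placeholder.
    """
    trust = {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "vpc-flow-logs.amazonaws.com"},
        "Action": "sts:AssumeRole",
        "Condition": {"StringEquals": {"aws:SourceAccount": account_id}},
    }]}
    permissions = {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Action": ["logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents",
                   "logs:DescribeLogGroups", "logs:DescribeLogStreams"],
        "Resource": "*",
    }]}
    return trust, permissions


if __name__ == "__main__":
    role = "arn:aws:iam::111122223333:role/VpcFlowLogsDelivery"  # placeholder
    for vpc_id, problems in evaluate(VPCS, FLOW_LOGS).items():
        print(vpc_id, "COMPLIANT" if not problems else "; ".join(problems))
        if problems:
            print("   ", shlex.join(remediation_command(vpc_id, "/vpc/flow-logs", role)))
    trust, perms = delivery_role_policies()
    print(json.dumps(trust, indent=2))
```

The subnet-level log in the sample is the case that trips up hand checks: the VPC does have flow logging somewhere, but interfaces in other subnets are uncovered, so the VPC is reported non-compliant. In production, feed the function the paginated output of describe-vpcs and describe-flow-logs for every region in scope.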

Additional Notes:

  • Enabling the log is only the first step; route the records into your monitoring pipeline and review them regularly. Rejected connections from a single source across many ports, unexpected egress to external addresses, and SKIPDATA records (which indicate that records were dropped under load) are the usual starting points.
  • Flow logs do not record every packet. Traffic to the Amazon DNS resolver, to the instance metadata service, DHCP, and Amazon Time Sync traffic, among others, is excluded, and records carry only metadata, so packet capture or host telemetry is still needed for payload-level investigation.
  • Review the documentation and guidelines provided by AWS and FedRAMP for detailed information on VPC flow logs and the compliance requirements they support.
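The monitoring that the notes above call for, as an added Python example that is not part of the original page: it parses records in the default flow log format, flags sources that hit many distinct destination ports with REJECT (a simple scan heuristic), and counts SKIPDATA records so that capacity gaps are not mistaken for quiet periods. The log lines are constructed, not captured, and use documentation address ranges; the threshold of five ports is an arbitrary assumption.

```python
"""Parse default-format VPC flow log records and apply a scan heuristic.

Default (version 2) record layout, space separated:
  version account-id interface-id srcaddr dstaddr srcport dstport protocol
  packets bytes start end action log-status
NODATA / SKIPDATA records have '-' in the address, port and action fields.
"""
from collections import defaultdict

FIELDS = ["version", "account_id", "interface_id", "srcaddr", "dstaddr",
          "srcport", "dstport", "protocol", "packets", "bytes",
          "start", "end", "action", "log_status"]

# Constructed sample: one external source probing five ports on 10.0.1.5,
# one legitimate HTTPS session, a NODATA record and a SKIPDATA record.
SAMPLE_LOG = """\
2 123456789010 eni-1235b8ca123456789 203.0.113.12 10.0.1.5 44321 22 6 1 40 1718000000 1718000060 REJECT OK
2 123456789010 eni-1235b8ca123456789 203.0.113.12 10.0.1.5 44322 23 6 1 40 1718000000 1718000060 REJECT OK
2 123456789010 eni-1235b8ca123456789 203.0.113.12 10.0.1.5 44323 3389 6 1 40 1718000000 1718000060 REJECT OK
2 123456789010 eni-1235b8ca123456789 203.0.113.12 10.0.1.5 44324 445 6 1 40 1718000000 1718000060 REJECT OK
2 123456789010 eni-1235b8ca123456789 203.0.113.12 10.0.1.5 44325 8080 6 1 40 1718000000 1718000060 REJECT OK
2 123456789010 eni-1235b8ca123456789 198.51.100.7 10.0.1.5 50000 443 6 20 4000 1718000000 1718000060 ACCEPT OK
2 123456789010 eni-1235b8ca123456789 - - - - - - - 1718000000 1718000060 - NODATA
2 123456789010 eni-1235b8ca123456789 - - - - - - - 1718000000 1718000060 - SKIPDATA
"""


def parse_records(text):
    """Split log text into dicts keyed by FIELDS; lines with the wrong field count are dropped."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != len(FIELDS):
            continue  # header line, custom format, or truncated record
        records.append(dict(zip(FIELDS, parts)))
    return records


def find_port_scanners(records, min_ports=5):
    """Map srcaddr -> sorted distinct rejected destination ports, for sources at or over min_ports.

    Only records with log-status OK carry addresses; NODATA and SKIPDATA are skipped here.
    """
    ports = defaultdict(set)
    for rec in records:
        if rec["log_status"] != "OK" or rec["action"] != "REJECT":
            continue
        ports[rec["srcaddr"]].add(int(rec["dstport"]))
    return {src: sorted(p) for src, p in ports.items() if len(p) >= min_ports}


def count_skipped(records):
    """Number of SKIPDATA records: each one means flow records were dropped, i.e. a blind spot."""
    return sum(1 for rec in records if rec["log_status"] == "SKIPDATA")


if __name__ == "__main__":
    recs = parse_records(SAMPLE_LOG)
    for src, hit_ports in find_port_scanners(recs).items():
        print(f"possible scan from {src}: rejected on ports {hit_ports}")
    print(f"SKIPDATA records (dropped flows): {count_skipped(recs)}")
```

If you chose a custom log record format when creating the flow log, adjust FIELDS to match the field order you selected; the field count check will otherwise silently drop every line.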
