Login

Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Rule: VPC Flow Logs Should Be Enabled

Ensure VPC flow logs are enabled to enhance network security and monitoring.

RuleVPC flow logs should be enabled
FrameworkGeneral Data Protection Regulation (GDPR)
Severity
High

Rule Description:

VPC flow logs should be enabled to comply with the General Data Protection Regulation (GDPR).

Troubleshooting Steps (if applicable):

If VPC flow logs are not enabled, follow the steps below to troubleshoot:

  2. 1.
    Check if the necessary permissions are assigned to enable VPC flow logs.
  4. 2.
    Verify if the VPC flow log destination is properly configured.
  6. 3.
    Ensure that the appropriate log group is created in Amazon CloudWatch Logs.
  8. 4.
    Check for any errors or warnings in CloudTrail logs that could be preventing VPC flow log enablement.

Configuration Code (if applicable):

Here is an example code snippet to enable VPC flow logs for a specific VPC:

aws ec2 create-flow-logs --resource-type VPC --resource-ids vpc-12345678 --traffic-type ALL --log-destination-type cloud-watch-logs --log-destination user-flow-logs --log-format-version 2

Remediation Steps:

Follow the step-by-step guide below to enable VPC flow logs:

  2. 1.
    Log in to the AWS Management Console.
  4. 2.
    Open the Amazon VPC service.
  6. 3.
    In the left navigation pane, click on "Your VPCs."
  8. 4.
    Select the desired VPC for which you want to enable flow logs.
  10. 5.
    Click on the "Flow Logs" tab at the bottom.
  12. 6.
    Click on the "Create Flow Log" button.
  14. 7.
    Configure the following settings:
    • Log Destination: Choose an existing CloudWatch Logs group or create a new one.
    • IAM Role: Specify an IAM role with the necessary permissions for creating flow logs.
    • Filter: Choose the desired traffic types to be logged (e.g., All, Accept, Reject, etc.).
    • Log Format: Select the desired log format (version 2 is recommended).
  16. 8.
    Click on the "Create" button to enable flow logs for the selected VPC.

CLI Command:

To enable VPC flow logs using AWS CLI, use the following command:

aws ec2 create-flow-logs --resource-type VPC --resource-ids <VPC_ID> --traffic-type ALL --log-destination-type cloud-watch-logs --log-destination <LOG_GROUP_NAME> --log-format-version 2

Replace 

<VPC_ID>
with the actual VPC ID and 
<LOG_GROUP_NAME>
with the desired CloudWatch Logs group name.

Note: Make sure you have the necessary permissions to execute the AWS CLI command.

By following the above steps and using the provided command, you will be able to enable VPC flow logs to comply with the General Data Protection Regulation (GDPR) requirements.

Is your System Free of Underlying Vulnerabilities?
Find Out Now