What is a VPC FlowLog?
VPC FlowLog is a feature of AWS that captures information about the IP traffic going to or from the network interfaces in a VPC.
Amazon FlowLog data can be stored either in Amazon CloudWatch Logs or in an Amazon S3 bucket.
After you have created a FlowLog, you can view and retrieve the data from Amazon CloudWatch Logs.
In short, a VPC FlowLog is a way of recording the traffic going through a VPC.
FlowLogs serve a number of purposes:
Troubleshooting the problem of why specific traffic is not reaching an instance.
Acting as a security tool to monitor the traffic that is reaching your instances.
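To show how FlowLog records are actually used for the monitoring purpose described above, here is an added example (not part of the original tutorial) that parses records in the default flow log format and counts the rejected flows per source address; the sample records, account ID and ENI ID are constructed placeholders.

```python
"""Parse default-format VPC Flow Log records and summarise rejected flows.

Added example, not part of the original tutorial. The field order is the
default (version 2) flow log format. Sample records are constructed, with a
placeholder account ID, a placeholder ENI ID and RFC 5737 test addresses.
"""
from collections import Counter

# Default flow log format (version 2), space-separated, in this order.
FIELDS = ["version", "account_id", "interface_id", "srcaddr", "dstaddr",
          "srcport", "dstport", "protocol", "packets", "bytes",
          "start", "end", "action", "log_status"]

# Constructed sample records: two rejected SSH/telnet attempts from one
# source, one accepted HTTPS flow, and one NODATA record with '-' fields.
SAMPLE_LOG = """\
2 123456789012 eni-0123456789abcdef0 203.0.113.5 10.0.1.20 44321 22 6 1 60 1700000000 1700000060 REJECT OK
2 123456789012 eni-0123456789abcdef0 203.0.113.5 10.0.1.20 44322 23 6 1 60 1700000001 1700000061 REJECT OK
2 123456789012 eni-0123456789abcdef0 198.51.100.9 10.0.1.20 51000 443 6 12 4800 1700000002 1700000062 ACCEPT OK
2 123456789012 eni-0123456789abcdef0 - - - - - - - 1700000003 1700000063 - NODATA
"""

def parse_record(line):
    """Return a dict for one record, or None if it is not a complete v2 record."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    # NODATA / SKIPDATA records carry '-' in the traffic fields; mark them
    # so callers can skip them instead of parsing '-' as a port or address.
    rec["has_traffic"] = rec["log_status"] == "OK" and rec["action"] in ("ACCEPT", "REJECT")
    return rec

def rejects_by_source(log_text):
    """Count REJECTed flows per source address: the basic 'who is being blocked' view."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec and rec["has_traffic"] and rec["action"] == "REJECT":
            counts[rec["srcaddr"]] += 1
    return counts

def rejected_ports_for(log_text, srcaddr):
    """Destination ports on which a given source was rejected (sorted ints)."""
    ports = set()
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec and rec["has_traffic"] and rec["action"] == "REJECT" and rec["srcaddr"] == srcaddr:
            ports.add(int(rec["dstport"]))
    return sorted(ports)

if __name__ == "__main__":
    for src, n in rejects_by_source(SAMPLE_LOG).most_common():
        print(f"{src}: {n} rejected flow(s) on ports {rejected_ports_for(SAMPLE_LOG, src)}")
```

The same functions work on records exported from CloudWatch Logs or S3 as long as the log was created with the default format; a custom format needs FIELDS adjusted to match.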
Limitations of VPC FlowLog:
You cannot enable a FlowLog for a VPC that is peered with your VPC unless the peered VPC is in the same account.
You cannot tag a FlowLog while creating it.
Once you have created a FlowLog, you cannot change its configuration. For example, if you associate an IAM role with the FlowLog, you cannot change that IAM role later. In such cases, you need to delete the FlowLog and create a new one with the desired configuration.
VPC FlowLog Levels
VPC FlowLogs can be created at three levels:
VPC level
Subnet level
Network interface level
How to create a VPC FlowLog
Sign in to the AWS Management Console.
Move to the VPC service. In the screen below, a VPC with the name javatpointvpc has already been created.