Skip to main content

πŸ’Ό [EC2.6] VPC flow logging should be enabled in all VPCs

  • Contextual name: πŸ’Ό [EC2.6] VPC flow logging should be enabled in all VPCs
  • ID: /frameworks/aws-fsbp-v1.0.0/ec2/06
  • Located in: πŸ’Ό Elastic Compute Cloud (EC2)

Description​

With the VPC Flow Logs feature, you can capture information about the IP address traffic going to and from network interfaces in your VPC. After you create a flow log, you can view and retrieve its data in CloudWatch Logs. To reduce cost, you can also send your flow logs to Amazon S3.

By default, the record includes values for the different components of the IP address flow, including the source, destination, and protocol.

Similar​

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό AC-4(26) Information Flow Enforcement _ Audit Filtering Actions7
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό AU-2 Event Logging46
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό AU-3 Content of Audit Records31320
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories6
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis6
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό AU-12 Audit Record Generation44547
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό CA-7 Continuous Monitoring68
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events6
πŸ’Ό PCI DSS v3.2.1 β†’ πŸ’Ό 10.3.3 Date and time.1
πŸ’Ό PCI DSS v3.2.1 β†’ πŸ’Ό 10.3.4 Success or failure indication.1
πŸ’Ό PCI DSS v3.2.1 β†’ πŸ’Ό 10.3.5 Origination of event.1
πŸ’Ό PCI DSS v3.2.1 β†’ πŸ’Ό 10.3.6 Identity or name of affected data, system component, or resource.1

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (1)​

PolicyLogic CountFlags
πŸ“ AWS VPC Flow Logs are not enabled 🟒1🟠 x1, 🟒 x5

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-9c0416671