
💼 3.7 Ensure VPC flow logging is enabled in all VPCs (Automated)

  • Contextual name: 💼 3.7 Ensure VPC flow logging is enabled in all VPCs (Automated)
  • ID: /frameworks/cis-aws-v4.0.1/03/07
  • Located in: 💼 3 Logging

Description

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. After you've created a flow log, you can view and retrieve its data in Amazon CloudWatch Logs. It is recommended that VPC Flow Logs be enabled for packet "Rejects" for VPCs.

Similar

  • Sections
    • /frameworks/cis-aws-v5.0.0/03/07
    • /frameworks/cis-aws-v4.0.0/03/07

Similar Sections (Take Policies From)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 CIS AWS v4.0.0 → 💼 3.7 Ensure VPC flow logging is enabled in all VPCs (Automated) 1
💼 CIS AWS v5.0.0 → 💼 3.7 Ensure VPC flow logging is enabled in all VPCs (Automated) 1

Similar Sections (Give Policies To)

Section | Sub Sections | Internal Rules | Policies | Flags
💼 CIS AWS v4.0.0 → 💼 3.7 Ensure VPC flow logging is enabled in all VPCs (Automated) 1
💼 CIS AWS v5.0.0 → 💼 3.7 Ensure VPC flow logging is enabled in all VPCs (Automated) 1

Sub Sections

Section | Sub Sections | Internal Rules | Policies | Flags

Policies (1)

Policy | Logic Count | Flags
AWS VPC Flow Logs are not enabled 🟢 | 1 | 🟠 x1, 🟢 x5