Severity: High | Service: EC2 | Scope: Regional

VPC flow logging should be enabled in all VPCs

Compliance: CIS, PCI DSS, NIST, ISO 27001, HIPAA

Description

Checks whether VPC flow logging is enabled in all VPCs.


Remediation

To enable VPC flow logging for a specific VPC, follow these steps:

Steps

  1. Log in to the AWS Management Console.
  2. Navigate to the VPC Dashboard at https://console.aws.amazon.com/vpc/.
  3. In the navigation pane, click on 'Your VPCs'.
  4. Select the VPC where you want to enable flow logging.
  5. In the 'Actions' dropdown, select 'Flow logs' and then 'Create flow log'.
  6. For 'Filter', select the type of traffic to log (Accept, Reject, or All).
  7. Choose a destination for the flow logs (CloudWatch Logs or S3).
  8. If you choose CloudWatch Logs, select or create a log group. If you choose S3, specify the S3 bucket and prefix.
  9. Set the required permissions by either selecting an existing IAM role or creating a new one.
  10. Click 'Create'.
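The console steps above map directly onto the EC2 API: the check is a comparison of DescribeVpcs against DescribeFlowLogs, and steps 5 to 9 are the parameters of one CreateFlowLogs call. The following is an added example, not code from the original page or from the tool that runs this check. The two pure functions operate on the API response and request shapes and run on constructed sample data; the live path at the bottom assumes boto3 plus credentials for the target account, and the log group name, role ARN, bucket ARN and VPC IDs are all made-up placeholders.

```python
"""Audit a region's VPCs for missing flow logs and build the CreateFlowLogs request.

Added example, not the page's own code. The pure functions work on the
response shape of EC2 DescribeVpcs / DescribeFlowLogs and on the
CreateFlowLogs parameter names; the live path assumes boto3 with credentials
(not needed for the demo data).
"""

VALID_TRAFFIC_TYPES = {"ACCEPT", "REJECT", "ALL"}   # the 'Filter' choices in step 6


def vpcs_without_flow_logs(vpcs_response, flow_logs_response):
    """Return the sorted IDs of VPCs that have no ACTIVE VPC-level flow log.

    Flow logs attached at subnet or ENI level carry that resource's ID, so
    they do not count as VPC-wide coverage here (conservative reading of the
    check).
    """
    vpc_ids = {vpc["VpcId"] for vpc in vpcs_response.get("Vpcs", [])}
    covered = set()
    for flow_log in flow_logs_response.get("FlowLogs", []):
        resource = flow_log.get("ResourceId")
        if resource in vpc_ids and flow_log.get("FlowLogStatus") == "ACTIVE":
            covered.add(resource)
    return sorted(vpc_ids - covered)


def create_flow_log_params(vpc_id, traffic_type="ALL", log_group_name=None,
                           role_arn=None, s3_destination_arn=None):
    """Build the keyword arguments for ec2.create_flow_logs() (steps 5 to 9).

    Exactly one destination is used: CloudWatch Logs (log group plus an IAM
    role allowed to write to it) or S3 (bucket ARN with optional prefix).
    """
    if traffic_type not in VALID_TRAFFIC_TYPES:
        raise ValueError(f"traffic_type must be one of {sorted(VALID_TRAFFIC_TYPES)}")
    params = {"ResourceType": "VPC", "ResourceIds": [vpc_id], "TrafficType": traffic_type}
    if s3_destination_arn:
        params["LogDestinationType"] = "s3"
        params["LogDestination"] = s3_destination_arn
    elif log_group_name and role_arn:
        params["LogDestinationType"] = "cloud-watch-logs"
        params["LogGroupName"] = log_group_name
        params["DeliverLogsPermissionArn"] = role_arn
    else:
        raise ValueError("need either s3_destination_arn or log_group_name plus role_arn")
    return params


# Constructed sample responses; every ID below is made up for the demo.
SAMPLE_VPCS = {"Vpcs": [{"VpcId": "vpc-0aaa111"}, {"VpcId": "vpc-0bbb222"}, {"VpcId": "vpc-0ccc333"}]}
SAMPLE_FLOW_LOGS = {"FlowLogs": [
    {"FlowLogId": "fl-1", "ResourceId": "vpc-0aaa111", "FlowLogStatus": "ACTIVE", "TrafficType": "ALL"},
    # subnet-level log inside vpc-0bbb222: does not make that VPC compliant
    {"FlowLogId": "fl-2", "ResourceId": "subnet-0bbb222", "FlowLogStatus": "ACTIVE", "TrafficType": "REJECT"},
    # VPC-level log whose status is not ACTIVE (constructed status value)
    {"FlowLogId": "fl-3", "ResourceId": "vpc-0ccc333", "FlowLogStatus": "INACTIVE", "TrafficType": "ALL"},
]}


def audit_and_remediate(ec2, log_group_name, role_arn, dry_run=True):
    """Live path: list the region's VPCs, report the gaps, optionally fix them.

    Assumes a boto3 EC2 client; for accounts with many flow logs use the
    describe_flow_logs paginator instead of the single call shown here.
    """
    missing = vpcs_without_flow_logs(ec2.describe_vpcs(), ec2.describe_flow_logs())
    for vpc_id in missing:
        params = create_flow_log_params(vpc_id, "ALL", log_group_name, role_arn)
        print("would create" if dry_run else "creating", "flow log:", params)
        if not dry_run:
            ec2.create_flow_logs(**params)
    return missing


if __name__ == "__main__":
    print("non-compliant VPCs (sample data):", vpcs_without_flow_logs(SAMPLE_VPCS, SAMPLE_FLOW_LOGS))
    # Uncomment to run against a real region (assumes boto3 and credentials; placeholder values):
    # import boto3
    # audit_and_remediate(boto3.client("ec2", region_name="us-east-1"),
    #                     "/vpc/flow-logs", "arn:aws:iam::123456789012:role/FlowLogsRole")
```

On the sample data the audit reports `vpc-0bbb222` (only a subnet-level log) and `vpc-0ccc333` (VPC-level log that is not ACTIVE) as non-compliant. The remediation defaults to `dry_run=True` so the generated request can be reviewed before any flow log is created; `TrafficType` is validated against the same Accept/Reject/All choices the console offers.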
