01 - VPC Flow Logs Enabled

 

Ensure each VPC that you have enabled has Flow Logs enabled

Ensure that your VPCs have flow logs enabled in order to understand traffic patterns and trouble shoot issues. Flow logs can also give you valuable data in case of a security breach to understand how lateral movement may have occurred. This is considered a security best practice and should always be done. Ensuring this is enabled will help with NIST and PCI-DSS compliance.

Audit & Remediation

  • Login into your AWS account
  • Navigate to the VPC service at: https://console.aws.amazon.com/vpc
  • On the left hand panel select Your VPCs.
  • select the hyperlink under VPC ID for the VPC you would like to examine.

 

 

  • Select the tab Flow logs and validate if a Flow log is configured

 

 

  • If nothing is configured under Flow logs, then select the button Create flow log.
  • !Important if this is the first time configuring a VPC flow log in this region, you will need to create an cloudwatch log group first in order to have your flow logs written. You can do this by opening up cloudwatch https://console.aws.amazon.com/cloudwatchWe strongly recommend VpcFlowLogs. Set the Retention setting to what your organization requires for log retention.

 

 

  • Set theName of the log to the VPCId that you are creating the flow log for.
  • Under Filter select All in order to collect both success and failure records.
  • Under IAM Role select the IAM role named flowlogsRole or a role that you have created that has correct permissions. If you have not created a role for this or the role flowlogsRole then select the hyperlink Set up permissions to automatically create this role.

 

 

  • Repeat the outlined steps and do this for each VPC that you have enabled in your account.
See all of your AWS VPCs in a single place!

Do you want to see all VPCs in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.
demo.intelligentdiscovery.io

 

Other Key Features

Inventory

Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +

Contact us

LDAPTIVE, LLC.
Mount Pleasant, SC
USA
Email: info@ldaptive.com
Intelligent Discovery ™

LDAPTIVE, LLC 2018 © All Rights Reserved. Privacy Policy | Terms of Service