Create and Manage VPC Flow Logs
Learn how to create and manage VPC flow logs.
Having grasped the fundamentals of VPC flow logs, the next step is to learn how to create and manage them. We will create flow logs at the VPC level, enabling flow logs for the entire VPC, and then publish the logs to AWS CloudWatch.
Create an IAM role for publishing logs
To allow VPC flow logs to be published to AWS CloudWatch, the flow log must have access to and write logs to the CloudWatch log group. To grant permissions to the flow logs, we’ll create an
Create an IAM policy
The following policy defines the permissions required to publish flow logs to AWS CloudWatch. The policy is always written in JSON in IAM.
IAM policy for publishing logs
Get hands-on with 1200+ tech skills courses.