Property
Language: terraform
Severity: medium
Service: ec2
Provider: AWS
Vulnerability Type: omission

Description

VPCs are missing Flow Logs, which means information about network traffic—including rejected connection attempts—is not being captured or stored. This lack of logging reduces visibility into network activity within the VPC.

Impact

Without VPC Flow Logs, it becomes difficult to detect suspicious traffic, investigate security incidents, or identify unauthorized access attempts. This can delay incident response and increase the risk of undetected breaches or policy violations.

Resolution

Enable flow logs for the VPC.
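
An added example of this resolution in Terraform (not taken from the original rule page): the VPC as it would be flagged, followed by an `aws_flow_log` that sends accepted and rejected traffic records to CloudWatch Logs. Resource names, the CIDR block, the log group name and the retention period are assumptions.

```hcl
# Flagged as written: no aws_flow_log resource references this VPC.
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16" # constructed value
}

# Destination for the flow log records (name and retention are assumptions).
resource "aws_cloudwatch_log_group" "vpc_flow" {
  name              = "/vpc/flow-logs/main"
  retention_in_days = 90
}

# Role the VPC Flow Logs service assumes to write to CloudWatch Logs.
resource "aws_iam_role" "flow_logs" {
  name = "vpc-flow-logs"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Principal = { Service = "vpc-flow-logs.amazonaws.com" }
      Action    = "sts:AssumeRole"
    }]
  })
}

resource "aws_iam_role_policy" "flow_logs" {
  name = "vpc-flow-logs-write"
  role = aws_iam_role.flow_logs.id
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect   = "Allow"
      Action   = ["logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogGroups", "logs:DescribeLogStreams"]
      Resource = "*" # broad for brevity; narrow to the log group where your policy model allows
    }]
  })
}

# The fix: a flow log attached to the VPC. "ALL" records both ACCEPT and REJECT traffic.
resource "aws_flow_log" "main" {
  vpc_id               = aws_vpc.main.id
  traffic_type         = "ALL"
  log_destination_type = "cloud-watch-logs"
  log_destination      = aws_cloudwatch_log_group.vpc_flow.arn
  iam_role_arn         = aws_iam_role.flow_logs.arn
}
```

Setting `traffic_type` to `"ACCEPT"` alone would drop the rejected connection attempts that the description calls out.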