Closed chelma closed 11 months ago
awick
commented
11 months ago I think I original put that in there because I was copying something else. :) Thoughts about A) removing B) reducing 10 years to some other default C) command line option
I'm thinking removing might be the best, then folks could just add if they really wanted. Thoughts?
chelma
commented
11 months ago Flow Logs are considered a VPC Best Practice [1], but for large clusters I could see this become a substantial additional cost with unclear value for many users. I'm inclined to remove, and let users add it to their setup as desired.
[1] https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-best-practices.html
Description
Currently, VPC Flow logs are enabled by default for the Capture and Viewer VPCs with 10 year retention. This can get expensive. We should make this optional.
Acceptance Criteria