search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.57k stars 3.87k forks source link

FlowLog: add support for `log_format` parameter #19316

Closed charbyzard closed 1 year ago

charbyzard commented 2 years ago

Description

It would be nice if passing a value for the VPC FlowLog logFormat parameter was exposed through the higher-level FlowLog construct. Currently, the only way to use this feature seems to be through the lower level CfnFlowLog construct.

It seems like the L2 construct for FlowLogs was introduced before this feature came out and simply never got updated.

Use Case

The current default is to use log only the values defined in the v2 specification, which excludes a lot of useful information (such as the tcp_flags parameter, which indicates if a given packet was SYN/ACK/SYN-ACK/RST/FIN). The only way to specify a custom log format that includes desirable information is to use the lower level CloudFormation wrapper construct, which is more cumbersome to work with.

Proposed Solution

Update the FlowLog module to support the logFormat property.

Other information

Reference documentation: Logging IP traffic with VPC Flow Logs

Acknowledge

corymhall commented 2 years ago

@charbyzard we currently have an open PR to implement this functionality.

https://github.com/aws/aws-cdk/pull/16279

ghost commented 2 years ago

@charbyzard I won't have time to work on https://github.com/aws/aws-cdk/pull/16279 for a while so don't hesitate if you want to contribute

watany-dev commented 2 years ago

Yes, I will continue to work on this.

github-actions[bot] commented 1 year ago

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.