search

awslabs / aws-config-resource-schema

AWS Config resource schema define the properties and types of AWS Config resource configuration items (CIs). Resource CI schema are used by developers when performing advanced resource queries and when processing CI data.
Apache License 2.0
233 stars 60 forks source link

Incorrect ResourceId for EC2 Flow Logs #9

Closed rogergzousc closed 2 years ago

rogergzousc commented 4 years ago

Per https://aws.amazon.com/blogs/aws/vpc-flow-logs-log-and-view-network-traffic-flows/, you can create up to two Flow Logs on one resource.

I would expect that the Resource Id would be the Flow Log id. But instead it is the VPC id. This doesn't make sense, because the post seems to indicate that a VPC can have two Flow Logs, which would then share the same Resource Id.

Example I'm seeing in the logs:

resourceId | vpc-cXXeXXaX resourceType | AWS::EC2::FlowLog

which I expect should be fl-0dXXXcXX, the flowLogId

tjdasso commented 2 years ago

This issue has been fixed - configuration items for the AWS::EC2::FlowLog resource type now populate the resourceId property with the flow log ID instead of the VPC ID.