ministryofjustice / modernisation-platform

A place for the core work of the Modernisation Platform • This repository is defined and managed in Terraform
https://user-guide.modernisation-platform.service.justice.gov.uk
MIT License

Implement VPC flow logs for Transit Gateway #2705

Closed dms1981 closed 1 year ago

dms1981 commented 1 year ago

User Story

As a Modernisation Platform Engineer
I want to implement Transit Gateway flow logs
So that I have access to logging data when investigating traffic flows in and out of the Modernisation Platform

User Type(s)

Modernisation Platform Engineer
Modernisation Platform Customer

Value

By implementing AWS Transit Gateway flow logs we can confirm the passage of traffic through our Transit Gateway. We can correlate this information with our existing VPC flow logs should we need to investigate questions around network flow.

Questions / Assumptions / Hypothesis

Proposal

In situations where our routing is correctly configured we're unlikely to have problems with networking. However, as we expand our configuration of the AWS Network Firewall and move to a security posture where traffic is only permitted by design, we may find ourselves wanting to investigate traffic flows in more detail.

Definition of done

Reference

How to write good user stories
Logging network traffic using Transit Gateway Flow Logs

dms1981 commented 1 year ago

NB. In order to accurately gauge which traffic is passing through without matching a rule, it is strongly suggested that - at first - we have an open rule at the end of the rulebase with an alert action. This will have the effect of allowing traffic to pass, while also logging these exceptions to our rules.
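The "open rule at the end of the rulebase with an alert action" described in the comment above, written out as an added Terraform example. This is not the Modernisation Platform's own code: the resource names, the example `pass` rule, its CIDRs and the sid values are constructed for illustration, and the firewall the logging configuration attaches to is assumed to exist and be passed in as `var.firewall_arn`.

```hcl
# Added example, not the project's code. Assumes an existing Network Firewall
# whose ARN is supplied as var.firewall_arn (hypothetical variable).
variable "firewall_arn" { type = string }

# Stateful rule group evaluated in STRICT_ORDER so that the last rule really is
# evaluated last. The final 'alert ip any any -> any any' rule lets traffic that
# matched nothing earlier continue, while writing an alert record for it.
resource "aws_networkfirewall_rule_group" "catch_all_alert" {
  name     = "example-catch-all-alert" # assumed name
  type     = "STATEFUL"
  capacity = 100

  rule_group {
    stateful_rule_options {
      rule_order = "STRICT_ORDER"
    }

    rules_source {
      rules_string = <<-EOT
        # Traffic permitted by design goes first (constructed example CIDRs).
        pass tcp 10.20.0.0/16 any -> 10.30.0.0/16 443 (msg:"allow app tier to api tier"; sid:1000001; rev:1;)
        # Open rule at the end of the rulebase: alert (but do not block) on
        # everything the rules above did not match, so the exceptions are logged.
        # Once the exceptions are understood this is the rule to tighten to 'drop'.
        alert ip any any -> any any (msg:"UNMATCHED traffic - review before tightening"; sid:1999999; rev:1;)
      EOT
    }
  }
}

# The policy must use the same STRICT_ORDER engine setting as the rule group.
resource "aws_networkfirewall_firewall_policy" "example" {
  name = "example-strict-order-policy" # assumed name

  firewall_policy {
    stateless_default_actions          = ["aws:forward_to_sfe"]
    stateless_fragment_default_actions = ["aws:forward_to_sfe"]

    stateful_engine_options {
      rule_order = "STRICT_ORDER"
    }

    stateful_rule_group_reference {
      priority     = 1
      resource_arn = aws_networkfirewall_rule_group.catch_all_alert.arn
    }
  }
}

# Without a logging configuration the alert records are generated but go
# nowhere; ALERT log type is what carries the catch-all rule's matches.
resource "aws_cloudwatch_log_group" "nfw_alert" {
  name              = "/aws/network-firewall/example/alert" # assumed name
  retention_in_days = 400
}

resource "aws_networkfirewall_logging_configuration" "example" {
  firewall_arn = var.firewall_arn

  logging_configuration {
    log_destination_config {
      log_destination = {
        logGroup = aws_cloudwatch_log_group.nfw_alert.name
      }
      log_destination_type = "CloudWatchLogs"
      log_type             = "ALERT"
    }
  }
}
```

The alert records land in the log group with the `msg` text of the rule that fired, so filtering on `UNMATCHED` gives the list of flows that would be blocked once the final rule becomes a drop.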

markgov commented 1 year ago

Initial code written and PR created to capture that code.

markgov commented 1 year ago

Code created and tested via a plan; 46 flow logs would be created. PR up for review.

markgov commented 1 year ago

Code updated to encrypt the log files and to pull the attachment IDs down into a data block.
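An added Terraform example of the shape the comment above describes (Transit Gateway attachment IDs read from a data block, one flow log per attachment, log group encrypted with a customer-managed KMS key). It is not the repository's own code: the transit gateway ID and the CloudWatch delivery role are assumed to exist and are passed in as `var.transit_gateway_id` and `var.flow_log_role_arn`, and all resource names are illustrative.

```hcl
# Added example, not the project's code. Assumes an existing transit gateway
# (var.transit_gateway_id) and an IAM role that CloudWatch Logs delivery can
# assume (var.flow_log_role_arn); both are hypothetical inputs.
variable "transit_gateway_id" { type = string }
variable "flow_log_role_arn"  { type = string }

data "aws_caller_identity" "current" {}
data "aws_region" "current" {}

# Data block: every VPC attachment on the transit gateway, so new attachments
# pick up a flow log on the next apply instead of needing a code change.
data "aws_ec2_transit_gateway_vpc_attachments" "this" {
  filter {
    name   = "transit-gateway-id"
    values = [var.transit_gateway_id]
  }
}

# Key policy: the account keeps control, and only the CloudWatch Logs service
# principal may use the key, and only for log groups in this account/region.
data "aws_iam_policy_document" "tgw_flow_logs_kms" {
  statement {
    sid       = "AccountAdmin"
    actions   = ["kms:*"]
    resources = ["*"]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
    }
  }

  statement {
    sid       = "AllowCloudWatchLogs"
    actions   = ["kms:Encrypt*", "kms:Decrypt*", "kms:ReEncrypt*", "kms:GenerateDataKey*", "kms:Describe*"]
    resources = ["*"]
    principals {
      type        = "Service"
      identifiers = ["logs.${data.aws_region.current.name}.amazonaws.com"]
    }
    condition {
      test     = "ArnLike"
      variable = "kms:EncryptionContext:aws:logs:arn"
      values   = ["arn:aws:logs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:log-group:*"]
    }
  }
}

resource "aws_kms_key" "tgw_flow_logs" {
  description         = "Encrypts transit gateway flow logs (example)"
  enable_key_rotation = true
  policy              = data.aws_iam_policy_document.tgw_flow_logs_kms.json
}

resource "aws_cloudwatch_log_group" "tgw_flow_logs" {
  name              = "/aws/transit-gateway/example/flow-logs" # assumed name
  retention_in_days = 400
  kms_key_id        = aws_kms_key.tgw_flow_logs.arn
}

# One flow log per attachment. Transit Gateway flow logs only support the
# 60-second aggregation interval, and traffic_type does not apply to them.
resource "aws_flow_log" "tgw_attachment" {
  for_each = toset(data.aws_ec2_transit_gateway_vpc_attachments.this.ids)

  transit_gateway_attachment_id = each.value
  log_destination_type          = "cloud-watch-logs"
  log_destination               = aws_cloudwatch_log_group.tgw_flow_logs.arn
  iam_role_arn                  = var.flow_log_role_arn
  max_aggregation_interval      = 60

  tags = {
    Name = "tgw-flow-log-${each.value}"
  }
}
```

Because the flow logs are keyed by attachment ID, `terraform plan` shows exactly one `aws_flow_log.tgw_attachment["tgw-attach-..."]` per attachment, which is how a count like the 46 mentioned earlier in the thread can be checked against the number of attachments on the gateway before applying.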

markgov commented 1 year ago

flow logs implemented