Amazon VPC provides an option to enable flow logs for whole VPCs, subnets, or specific ENIs. This aggregates and stores logs of network traffic flows with details about source/destination, ENIs, instance IDs (when applicable), and the amount of data transferred. The subnets created as part of CDK do not have flow logs, so traffic involving the network interfaces in those subnets is not logged for future review or monitoring.
Create a way for users to enable VPC logs if needed.
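
One way to find the gap described above, as an added example (not code from this project): a Python audit that reports which subnets have no working flow log, counting a flow log on the subnet itself or on its VPC. The input is constructed data shaped like the EC2 `DescribeSubnets` and `DescribeFlowLogs` responses; all IDs are made up, and ENI-level flow logs are left out of scope.

```python
# Constructed sample data, shaped like the EC2 DescribeSubnets and
# DescribeFlowLogs responses. All IDs below are made up.
SUBNETS = [
    {"SubnetId": "subnet-aaa", "VpcId": "vpc-111"},
    {"SubnetId": "subnet-bbb", "VpcId": "vpc-111"},
    {"SubnetId": "subnet-ccc", "VpcId": "vpc-222"},
    {"SubnetId": "subnet-ddd", "VpcId": "vpc-333"},
]
FLOW_LOGS = [
    # Subnet-level log that only records rejected traffic.
    {"FlowLogId": "fl-1", "ResourceId": "subnet-aaa", "TrafficType": "REJECT",
     "FlowLogStatus": "ACTIVE", "DeliverLogsStatus": "SUCCESS"},
    # VPC-level log: covers every subnet in vpc-222.
    {"FlowLogId": "fl-2", "ResourceId": "vpc-222", "TrafficType": "ALL",
     "FlowLogStatus": "ACTIVE", "DeliverLogsStatus": "SUCCESS"},
    # Exists, but delivery is failing, so nothing is being stored.
    {"FlowLogId": "fl-3", "ResourceId": "vpc-333", "TrafficType": "ALL",
     "FlowLogStatus": "ACTIVE", "DeliverLogsStatus": "FAILED"},
]


def working_traffic_types(flow_logs):
    """Map resource ID -> set of traffic types that are actually delivered."""
    covered = {}
    for fl in flow_logs:
        if fl.get("FlowLogStatus") != "ACTIVE" or fl.get("DeliverLogsStatus") == "FAILED":
            continue
        types = {"ACCEPT", "REJECT"} if fl["TrafficType"] == "ALL" else {fl["TrafficType"]}
        covered.setdefault(fl["ResourceId"], set()).update(types)
    return covered


def audit_subnets(subnets, flow_logs):
    """Return {subnet_id: 'full' | 'partial' | 'none'} for each subnet."""
    covered = working_traffic_types(flow_logs)
    report = {}
    for s in subnets:
        # A subnet is logged by its own flow log or by one on its VPC.
        types = covered.get(s["SubnetId"], set()) | covered.get(s["VpcId"], set())
        if types == {"ACCEPT", "REJECT"}:
            report[s["SubnetId"]] = "full"
        else:
            report[s["SubnetId"]] = "partial" if types else "none"
    return report


if __name__ == "__main__":
    for subnet_id, status in audit_subnets(SUBNETS, FLOW_LOGS).items():
        print(f"{subnet_id}: {status}")
```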