Practitioner Level

Enabling AWS VPC Flow Logs with Automation

Pricing
45 minutes
  • 2 Learning Objectives

About this Hands-on Lab

In this lab, we’ll solve a real-world scenario where we want to automate the creation of VPC Flow Logs whenever we create a new VPC.

We’ll accomplish this with a CloudWatch rule and a Lambda function.

[GitHub Repository](https://github.com/linuxacademy/la-aws-security_specialty/tree/master/Enabling-VPC-Flow-Logs-with-Automation)

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create CloudWatch rule for `CreateVpc` API call.
  1. Navigate to CloudWatch.
    • Click Create rule.
    • Select Event Pattern.
    • Service Name: EC2
    • Event Type: AWS API Call via CloudTrail
    • Specific Operation: "CreateVpc"
    • Note that eventName sets CreateVpc in the preview
    • Click Add target.
    • Select Lambda function EnableVpcFlowLogs.
    • Click Configure details.
Create a VPC.

Open the VPC service. Click Create VPC.

  1. Click Select
  2. Name: myvpc
  3. Click Create VPC (use a IP v4 CIDR like 10.0.0.0/16)
  4. Click OK
Contact SalesSee Pricing

Additional Resources

Make sure you are in us-east-1.

Enable the CloudWatch rule to capture the EC2 CreateVpc API call, and trigger the Lambda function to create VPC Flow Logs.

We'll accomplish this with a CloudWatch rule and a Lambda function. https://github.com/linuxacademy/la-aws-security_specialty/tree/master/Enabling-VPC-Flow-Logs-with-Automation

NOTE: AWS have relocated the Lambda function permissions to their own tab. What now occupies its former place is "Destinations", which refers to the new Lambda Async Destinations. In previous versions of the console, this area was used to show what services the Lambda Function had permission to interact with.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Don't have an account?

Get Started
Who’s going to be learning?
MyselfMy Organization