LAB: Create VPC Flow Logs and Generate Traffic
LAB: Create an AWS VPC and VPC Flow Logs.
Refer to the topology below to configure VPC Flow Logs.
- Create a CloudWatch Logs log group.
- Create an IAM policy and an IAM role.
- Create a VPC: use default VPC with CIDR 172.31.0.0/16.
- Create an Internet Gateway (use the default IGW) and attach it to the VPC.
- Create a Subnet (use the default Subnet for that VPC).
- Create VPC Flow Logs and create an EC2 instance named Dclessons-FlowLogs-EC2.
- Generate traffic and view the log events in CloudWatch Log groups.
Go to AWS Services | Management & Governance | Select CloudWatch
Under CloudWatch | Logs: Log Groups | Click Create Log Groups
Under Log Groups Details | Name: Dclessons-Logs | Keep all other items at their defaults | Click Create
Go to IAM Section | Under Policies | Click Create Policies
Select JSON, clear the existing text in the editor, paste the code below, and click Next: Tags.
Add Tags: No changes needed. Click Next: Review.
Under Review Policy | Name: Dclessons-Policy | Click Create Policy
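The following is an added example, not part of the original lab: a small Python check to run over a policy document before pasting it into the JSON editor. It flags wildcard actions, actions beyond the five that AWS documents for delivering flow logs to CloudWatch Logs, and resources wider than the Dclessons-Logs log group. The two sample policies, the account ID, the region and the ARN scoping are constructed assumptions.

```python
import json

# Actions AWS documents for a role that delivers flow logs to CloudWatch Logs.
REQUIRED = {"logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents",
            "logs:DescribeLogGroups", "logs:DescribeLogStreams"}
REQ = {a.lower(): a for a in REQUIRED}  # IAM action names are case-insensitive

def as_list(value):
    """IAM accepts a bare string or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]

def in_log_group(resource, log_group):
    """True only for an ARN that names exactly this log group."""
    if ":log-group:" not in resource:
        return False
    return resource.split(":log-group:")[-1].split(":")[0] == log_group

def review_policy(policy_json, log_group="Dclessons-Logs"):
    """Return least-privilege findings for a flow-logs permissions policy."""
    findings, granted = [], set()
    for stmt in as_list(json.loads(policy_json)["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        for action in as_list(stmt.get("Action", [])):
            granted.add(action.lower())
            if "*" in action:
                findings.append(f"wildcard action: {action}")
            elif action.lower() not in REQ:
                findings.append(f"not needed for flow logs: {action}")
        for resource in as_list(stmt.get("Resource", [])):
            if not in_log_group(resource, log_group):
                findings.append(f"resource wider than {log_group}: {resource}")
    if not granted & {"*", "logs:*"}:
        findings += [f"missing action: {REQ[k]}" for k in sorted(REQ.keys() - granted)]
    return findings

# Constructed samples; account ID, region and ARN are placeholders.
BROAD = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": ["logs:*", "iam:PassRole"], "Resource": "*"}]})
SCOPED = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": sorted(REQUIRED),
    "Resource": "arn:aws:logs:us-east-1:111122223333:log-group:Dclessons-Logs:*"}]})

if __name__ == "__main__":
    for name, doc in (("BROAD", BROAD), ("SCOPED", SCOPED)):
        print(name, review_policy(doc) or "no findings")
```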
Go to IAM Roles | Under Roles | Click Create Roles | Select AWS Service and, under Use case, select EC2 | Click Next.