VPC Flow Log
Captures IP traffic to/from network interfaces in a VPC.
Configuration
| Setting | Type | Required | Default |
|---|---|---|---|
| Resource type (options: VPC, Subnet, Network interface, Transit gateway, TGW attachment) | Choice | — | VPC |
| Resource ID | Text | — | — |
| Traffic type (options: Accepted, Rejected, All) | Choice | — | ALL |
| Destination type (options: CloudWatch Logs, S3, Kinesis Firehose) | Choice | — | cloud-watch-logs |
| Destination ARN | Text | — | — |
| IAM role ARN (CloudWatch) | Text | — | — |
| Log format (custom) | Text | — | — |
| Max aggregation interval (s) | Number | — | 600 |
| File format (S3) (options: Plain text, Parquet) | Choice | — | plain-text |
| Hive-compatible partitions (S3) | Toggle | — | false |
| Per-hour partition (S3) | Toggle | — | false |
| Tags | Key–value | — | — |
Connections
| Socket | Direction | Accepts | Terraform arg |
|---|---|---|---|
| Source (VPC / subnet / ENI) | Input | aws.vpc, aws.subnet | vpc_id |
| Log destination | Output | aws.s3, aws.cloudwatch-log-group, aws.kinesis-firehose | log_destination |
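How the settings and sockets above could look as Terraform, using the AWS provider's aws_flow_log resource with an S3 destination. This is an added example, not output from this tool or code from this page: only vpc_id and log_destination are named in the Connections table, so the mapping of the other settings to arguments, the variable, the bucket name and the tag are assumptions.

```hcl
# Added example. Names, IDs and the bucket are placeholders (assumptions).
variable "vpc_id" {
  type        = string
  description = "Resource ID of the VPC to capture (Source socket, vpc_id)"
}

# Log destination socket: an S3 bucket that receives the flow log files.
resource "aws_s3_bucket" "flow_logs" {
  bucket = "example-vpc-flow-logs" # placeholder name
}

resource "aws_flow_log" "vpc" {
  # Resource type = VPC, Resource ID = the VPC's ID.
  vpc_id = var.vpc_id

  # Traffic type: ACCEPT, REJECT or ALL. ALL keeps rejected flows as well,
  # which is what denied-connection detections need.
  traffic_type = "ALL"

  # Destination type and Destination ARN.
  log_destination_type = "s3"
  log_destination      = aws_s3_bucket.flow_logs.arn

  # IAM role ARN (CloudWatch) applies to CloudWatch Logs delivery only,
  # so iam_role_arn is not set for an S3 destination.

  # Max aggregation interval in seconds: 60 or 600.
  max_aggregation_interval = 60

  # Log format (custom). "$$" escapes Terraform interpolation so the
  # literal ${field} placeholders reach the flow log service.
  log_format = "$${version} $${account-id} $${interface-id} $${srcaddr} $${dstaddr} $${srcport} $${dstport} $${protocol} $${packets} $${bytes} $${start} $${end} $${action} $${log-status} $${tcp-flags} $${pkt-srcaddr} $${pkt-dstaddr}"

  # S3-only settings: File format, Hive-compatible partitions,
  # Per-hour partition.
  destination_options {
    file_format                = "parquet"
    hive_compatible_partitions = true
    per_hour_partition         = true
  }

  tags = {
    Purpose = "network-forensics" # constructed tag
  }
}
```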