AWS — VPC Flow Logs Overview

Ashish Patel
Published in Awesome Cloud
3 min read · Feb 2, 2021

Introduction to AWS VPC Flow Logs — What is VPC Flow Logs?

Source: AWS Docs

TL;DR

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC.

You can create a flow log for:
1. VPC
2. Subnet
3. Network Interface (not Instance)

Flow Log data can be published to:
1. CloudWatch Logs
2. S3

To create a flow log, you specify:
1. Resource for which to create the flow log.
2. Type of traffic to capture (accepted traffic, rejected traffic, or all traffic).
3. Destinations to which you want to publish the flow log data.

Flow Logs Key points

  1. Flow log data is collected outside of the path of your network traffic, and therefore does not affect network throughput or latency. You can create or delete flow logs without any risk of impact to network performance.
  2. Flow logs do not capture real-time log streams for your network interfaces.
  3. Security Groups and Network ACLs don’t filter traffic to or from link-local addresses or…
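To show what the published data looks like once it lands in CloudWatch Logs or S3, here is an added example (not from the original post) that parses default-format flow log records and counts the rejected flows per interface and destination port. The field layout is assumed from the AWS documentation and is not shown on this page; the sample records are constructed.

```python
"""Parse VPC Flow Log records (default format) and summarise rejected traffic.

Added example, not from the original post. The default record layout below is
assumed from the AWS documentation, not shown on the page.
"""
from collections import Counter

# Field order of a default-format record (version 2).
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# Constructed sample records (not real data): two rejected SSH probes from one
# source, one accepted HTTPS flow, and a NODATA record for an idle interface.
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.25 51234 22 6 4 240 1612243200 1612243260 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.25 51235 22 6 3 180 1612243200 1612243260 REJECT OK
2 123456789012 eni-0a1b2c3d 10.0.1.25 203.0.113.9 44321 443 6 20 4500 1612243200 1612243260 ACCEPT OK
2 123456789012 eni-0a1b2c3e - - - - - - - 1612243200 1612243260 - NODATA
"""

INT_FIELDS = {"srcport", "dstport", "protocol", "packets", "bytes", "start", "end"}

def parse_record(line: str) -> dict:
    """Split one record into a dict; '-' becomes None, numeric fields become int."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}: {line!r}")
    rec = {}
    for name, value in zip(FIELDS, parts):
        if value == "-":
            rec[name] = None          # NODATA/SKIPDATA records leave most fields empty
        elif name in INT_FIELDS:
            rec[name] = int(value)
        else:
            rec[name] = value
    return rec

def rejected_by_dstport(log_text: str) -> Counter:
    """Count REJECT records per (interface, dstport); records whose log_status
    is not OK carry no action and are skipped rather than mis-counted."""
    counts = Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_record(line)
        if rec["log_status"] != "OK" or rec["action"] != "REJECT":
            continue
        counts[(rec["interface_id"], rec["dstport"])] += 1
    return counts
```

Because flow logs are not real-time (key point 2 above), a summary like this is suited to periodic review or batch alerting rather than inline blocking.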
