library
turbot/aws
- Associate IAM to EC2 Instance Profile
- Attach IAM Role Policy
- Change IAM User Password
- Create CloudTrail Trail
- Create CloudWatch Log Group
- Create CloudWatch Log Stream
- Create EBS Snapshot
- Create ELB Classic Load Balancer
- Create ELBv2 Load Balancer
- Create IAM Access Analyzer
- Create IAM Access Key
- Create Instance Profile
- Create IAM Policy
- Create IAM Role
- Create IAM User
- Create Lambda Function
- Create S3 Bucket
- Create SNS Topic
- Create SQS Queue
- Create VPC
- Create VPC Flow Logs
- Create VPC Security Group
- Create VPC Subnet
- Delete DynamoDB Table
- Delete EBS Snapshot
- Delete EBS Volume
- Delete EKS Node Group
- Delete ElastiCache Cluster
- Delete Elastic Load Balancer
- Delete ELB v2 Load Balancer
- Delete IAM Access Key
- Delete IAM Policy
- Delete IAM Role
- Delete IAM Server Certificate
- Delete IAM User
- Delete Lambda Function
- Delete NAT Gateway
- Delete Network ACL Entry
- Delete RDS DB Instance
- Delete Route 53 Health Check
- Delete S3 Bucket
- Delete Secrets Manager Secret
- Delete SNS Topic
- Delete SQS Queue
- Describe EBS Snapshots
- Describe EC2 Instances
- Describe IAM Instance Profile Associations
- Describe VPC Subnets
- Describe VPCs
- Detach EBS Volume
- Detach IAM User Policy
- Detach Network Interface
- Disassociate IAM Instance Profile
- Enable EBS Encryption by Default
- Enable KMS Key Rotation
- Enable Security Hub
- Get EBS Encryption by Default
- Get GuardDuty Finding
- Get Lambda Function
- Get S3 Bucket Versioning
- Get object from S3 bucket
- Get S3 Object Content
- Get S3 Public Access Block Configuration
- Get SNS Topic Attributes
- Get SQS Queue Attributes
- List GuardDuty Findings
- List IAM Access Keys
- List IAM Groups for User
- List IAM Users
- List S3 Buckets
- Modify API Gateway REST API stage
- Modify Client VPN Endpoint
- Modify EBS Snapshot
- Modify EBS Volume
- Modify EC2 Instance Attributes
- Modify EC2 Instance Metadata Options
- Modify ELB Attributes
- Modify Neptune DB Cluster
- Modify RDS DB Cluster
- Modify RDS DB Instance
- Put Alternate Contact
- Put event selectors to CloudTrail Trail
- Put IAM Role Policy
- Put KMS Key Policy
- Put S3 Bucket Encryption
- Put S3 Bucket Lifecycle policy
- Put S3 Bucket logging
- Put S3 Bucket policy
- Put S3 Public Access Block
- Put S3 Bucket Versioning
- Release VPC EIP
- Revoke VPC Security Group Ingress
- Launch EC2 Instances
- Set SNS Topic Attributes
- Set SQS Queue Attributes
- Start CloudTrail Trail logging
- Start EC2 Instances
- Stop EC2 Instances
- Subscribe to SNS Topic
- Tag Resources
- Terminate EC2 Instances
- Terminate EMR Clusters
- Test Create S3 Bucket
- Test Create SNS Topic
- Test Create SQS Queue
- Test Get Lambda Function
- Test List IAM Users
- Test Run EC2 Instance
- Test Put S3 Bucket Versioning
- Test Enable and Disable S3 Bucket Versioning
- Test Run EC2 Instance
- Test Start and Stop EC2 Instance
- Untag Resources
- Update Cloudtrail Trail
- Update DynamoDB Table Continuous Backup
- Update DynamoDB Table
- Update IAM Access Key
- Update IAM Account Password Policy
- Update Route 53 Record
Get Involved
Version
Create VPC Flow Logs
Sets up flow logs for a specified VPC to monitor its network traffic.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run aws.pipeline.create_vpc_flow_logs \ --arg 'region=<string>' \ --arg 'vpc_id=<string>' \ --arg 'log_group_name=<string>' \ --arg 'iam_role_arn=<string>'Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = aws.pipeline.create_vpc_flow_logs args = { region = <string> vpc_id = <string> log_group_name = <string> iam_role_arn = <string> }}Params
| Name | Type | Required | Description | Default |
|---|---|---|---|---|
| region | string | Yes | The name of the Region. | - |
| cred | string | Yes | Name for credentials to use. If not provided, the default credentials will be used. | default |
| vpc_id | string | Yes | The ID of the VPC for which to enable flow logs. | - |
| log_group_name | string | Yes | The name of the CloudWatch Logs log group where the flow logs will be stored. | - |
| traffic_type | string | Yes | The type of traffic to log. Valid values are 'ACCEPT', 'REJECT', or 'ALL'. | ALL |
| iam_role_arn | string | Yes | The ARN of the IAM role that has permission to create flow logs. | - |
Outputs
| Name | Description |
|---|---|
| flow_log_creation | Details about the creation of VPC flow logs. |