VPC Flow Logs: Requirements for Creating VPC Flow Logs

Creating VPC Flow Logs


Question

In order to create VPC Flow Logs, which of the following are required?

Choose 3 answers from the options given below.

Answers

Explanations


A. B. C. D.

Answer - A, B and C.

To create a flow log, you specify the resource for which you want to create the flow log, the type of traffic to capture (accepted traffic, rejected traffic, or all traffic), the name of a log group in CloudWatch Logs to which the flow log will be published, and the ARN of an IAM role that has sufficient permission to publish the flow log to the CloudWatch Logs log group.

Option D is INCORRECT because the Kibana dashboard is a visualization tool and is used only to view the log data.

For more information on VPC Flow Logs, please refer to the URL below:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html

VPC Flow Logs is a feature provided by AWS that captures information about the traffic going into and out of an Amazon Virtual Private Cloud (VPC). These logs can be used for various purposes like security analysis, network performance monitoring, and troubleshooting.

To create VPC Flow logs, you need to fulfill the following requirements:

  1. The resource for which the log needs to be created: You need to specify the resource for which you want to create the VPC Flow logs. This could be an Amazon VPC, a subnet, a network interface, or a peering connection. Once you have identified the resource, you can configure the flow log to capture the desired traffic.

  2. An IAM Role with privilege to publish the logs to CloudWatch: To publish the VPC Flow Logs to CloudWatch, you need an IAM role with the necessary permissions. This role should have the "logs:CreateLogGroup" and "logs:CreateLogStream" permissions to create a log group and a log stream respectively. Additionally, it should have the "logs:PutLogEvents" permission to publish log events to CloudWatch.

  3. A CloudWatch Log Group: You also need to create a CloudWatch Log Group where the VPC Flow Logs will be stored. The log group is a container for the log streams and provides a way to organize and manage your logs.

Therefore, the correct answers are A, B, and C. The Kibana dashboard is not required to create VPC Flow logs but can be used to visualize and analyze the logs if required.
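As an added example (not part of the original question or of AWS's documentation), the Python below builds the IAM role policies for requirement 2 and checks whether an existing role policy actually grants the three listed actions on the target log group. The log group ARN and the incomplete policy are constructed samples; the service principal vpc-flow-logs.amazonaws.com is an assumption the question does not mention (the role's trust policy must allow the flow-logs service to assume it).

```python
import fnmatch

# Actions the explanation lists as required for the flow-log role.
REQUIRED_ACTIONS = ("logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents")
# Assumption: the service principal that must be trusted to assume the role.
FLOW_LOGS_PRINCIPAL = "vpc-flow-logs.amazonaws.com"
# Constructed sample log group ARN (not a real account).
LOG_GROUP_ARN = "arn:aws:logs:us-east-1:123456789012:log-group:vpc-flow-logs"

def trust_policy():
    """Trust policy letting the VPC Flow Logs service assume the role."""
    return {"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
            "Principal": {"Service": FLOW_LOGS_PRINCIPAL}, "Action": "sts:AssumeRole"}]}

def permissions_policy(log_group_arn):
    """Least-privilege policy: only the three actions, only on the target log group."""
    return {"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
            "Action": list(REQUIRED_ACTIONS),
            "Resource": [log_group_arn, log_group_arn + ":*"]}]}

def _as_list(value):
    """IAM allows a single string or a list in Action/Resource/Statement."""
    return value if isinstance(value, list) else [value]

def missing_actions(policy, log_group_arn):
    """Return the required actions that `policy` does NOT allow on the log group.
    Handles wildcard actions ("logs:*") and wildcard resources ("*"). Deny
    statements and conditions are not evaluated, so an empty result is
    necessary but not sufficient for the role to work."""
    allowed = set()
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        resources = _as_list(stmt.get("Resource", []))
        if not any(fnmatch.fnmatchcase(log_group_arn, r) for r in resources):
            continue  # statement does not cover our log group
        for pattern in _as_list(stmt.get("Action", [])):
            allowed.update(a for a in REQUIRED_ACTIONS
                           if fnmatch.fnmatchcase(a.lower(), pattern.lower()))
    return [a for a in REQUIRED_ACTIONS if a not in allowed]

# Constructed sample: a role policy that forgot PutLogEvents, a common cause of
# a flow log being created but never delivering records.
INCOMPLETE_POLICY = {"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
    "Action": ["logs:CreateLogGroup", "logs:CreateLogStream"], "Resource": "*"}]}

if __name__ == "__main__":
    print("missing:", missing_actions(INCOMPLETE_POLICY, LOG_GROUP_ARN))
```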