LAB: Create VPC Flow Logs and Generate Traffic
LAB: Create an AWS VPC and VPC Flow Logs.
Topology:
Refer to the topology below to configure VPC Flow Logs.
Task:
- Create CloudWatch Logs.
- Create an IAM policy and an IAM role.
- Create a VPC: use the default VPC with CIDR 172.31.0.0/16.
- Create an Internet Gateway (use the default IGW) and attach it to the VPC.
- Create a subnet (use the default subnet for that VPC).
- Create VPC Flow Logs and create an EC2 instance, Dclessons-FlowLogs-EC2.
- Generate traffic and view the log events in CloudWatch Log groups.
Solution:
Go to AWS Services | Management & Governance | Select CloudWatch
Under CloudWatch | Logs | Log Groups | Click Create Log Groups
Under Log Group Details | Name: Dclessons-Logs | Keep all other items at their defaults | Click Create
Go to the IAM section | Under Policies | Click Create Policies
Select JSON, clear the existing text in the editor, paste the code below, and click Next: Tags
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents",
                "logs:DescribeLogGroups",
                "logs:Describe*",
                "logs:DescribeLogStreams"
            ],
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}
Add Tags: no changes needed; click Next: Review.
Under Review Policy | Name: Dclessons-Policy | Click Create Policy
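The following Python check is an added example, not part of the original lab: it audits the policy pasted above for wildcard actions and a wildcard Resource, then builds a copy scoped to the Dclessons-Logs log group. The ARN uses placeholder REGION and ACCOUNT_ID values, and whether flow-log delivery works with the narrower Resource is an assumption to confirm in your own account.

```python
import fnmatch
import json

# The lab's policy, copied from the step above.
LAB_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [{"Action": [
  "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents",
  "logs:DescribeLogGroups", "logs:Describe*", "logs:DescribeLogStreams"],
  "Effect": "Allow", "Resource": "*"}]}
""")
# Placeholder ARN for the lab's log group; REGION and ACCOUNT_ID are not real values.
LOG_GROUP_ARN = "arn:aws:logs:REGION:ACCOUNT_ID:log-group:Dclessons-Logs"

def as_list(value):
    """IAM accepts a single item or a list for Statement, Action and Resource."""
    return list(value) if isinstance(value, list) else [value]

def audit(policy):
    """Return findings for wildcard actions/resources in Allow statements."""
    findings = []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        actions = as_list(stmt.get("Action", []))
        for pattern in [a for a in actions if "*" in a]:
            findings.append(f"wildcard action {pattern}")
            # IAM action names match case-insensitively.
            findings += [f"{a} is already covered by {pattern}" for a in actions
                         if "*" not in a
                         and fnmatch.fnmatchcase(a.lower(), pattern.lower())]
        if "*" in as_list(stmt.get("Resource", [])):
            findings.append("Resource is * (every log group in the account)")
    return findings

def tighten(policy, log_group_arn):
    """Copy the policy, drop wildcard actions, scope Resource to one log group."""
    # Dropping a wildcard is only safe when the needed actions are also listed
    # explicitly, as they are in the lab's policy.
    scoped = json.loads(json.dumps(policy))  # deep copy
    scoped["Statement"] = as_list(scoped["Statement"])
    for stmt in scoped["Statement"]:
        if stmt.get("Effect") == "Allow":
            stmt["Action"] = [a for a in as_list(stmt["Action"]) if "*" not in a]
            if "*" in as_list(stmt.get("Resource", [])):
                stmt["Resource"] = [log_group_arn, log_group_arn + ":*"]
    return scoped

if __name__ == "__main__":
    print("\n".join(audit(LAB_POLICY)))
    print(json.dumps(tighten(LAB_POLICY, LOG_GROUP_ARN), indent=2))
```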
Go to IAM Roles | Under Roles | Click Create Roles | Select AWS Service and, under Use case, select EC2 | Click Next.