Ensure VPCs are configured with flow logs enabled to capture traffic information.
Networking / VPC / Controls / DEV
Enforce VPC Flow Logs on VPCs
CCC.VPC.CN04 · Observability
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.VPC.CP16 | Flow Logs | Ability to capture information about the IP traffic going through the VPC. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.VPC.TH04 | Lack of Network Visibility due to Disabled VPC Flow Logs | VPC subnets with disabled flow logs lack critical network traffic visibility, which can lead to undetected unauthorized access, data exfiltration, and network misconfigurations. This lack of visibility increases the risk of undetected security incidents. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.VPC.CN04.AR01 | When any network traffic goes to or from an interface in the VPC, the service MUST capture and log all relevant information. | tlp-amber, tlp-red |
Guideline Mappings
| Framework | ID | Remarks |
|---|---|---|
| NIST-CSF | PR.PT-1 | |
| ISO_27001 | 2013 A.12.4.1 | |
| NIST_800_53 | AU-2 | |
| CCM | IVS-06 |