TF 0018 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. After you've created a flow log, you can view and retrieve its data in Amazon CloudWatch Logs. It is recommended that VPC Flow Logs be enabled for packet "Rejects" for VPCs.

| Property | Value |
|---|---|
| Language | terraform |
| Severity | medium |
| Service | ec2 |
| Provider | AWS |
| Vulnerability Type | omission |

Description

VPCs are missing Flow Logs, which means information about network traffic—including rejected connection attempts—is not being captured or stored. This lack of logging reduces visibility into network activity within the VPC.

Impact

Without VPC Flow Logs, it becomes difficult to detect suspicious traffic, investigate security incidents, or identify unauthorized access attempts. This can delay incident response and increase the risk of undetected breaches or policy violations.

Resolution

Enable VPC Flow Logs for the VPC so that at least rejected traffic is captured and delivered to CloudWatch Logs.
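As an added illustration (not part of the Symbiotic database entry), the Terraform below shows a VPC that would trip this check next to the remediated form that attaches a flow log delivering to CloudWatch Logs; the CIDR, log group name and role name are constructed values.

```hcl
# Vulnerable: a VPC with no aws_flow_log attached, so no traffic is recorded.
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16" # constructed sample value
}

# Remediated: a log group, a delivery role and a flow log covering the whole VPC.
resource "aws_cloudwatch_log_group" "vpc_flow" {
  name              = "/aws/vpc/flow-logs/main" # hypothetical name
  retention_in_days = 90
}

# Trust policy letting the VPC Flow Logs service assume the delivery role.
data "aws_iam_policy_document" "flow_assume" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["vpc-flow-logs.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "vpc_flow" {
  name               = "vpc-flow-logs-role" # hypothetical name
  assume_role_policy = data.aws_iam_policy_document.flow_assume.json
}

# Least-privilege permissions: the role may only write to this one log group.
data "aws_iam_policy_document" "flow_publish" {
  statement {
    actions   = ["logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogGroups", "logs:DescribeLogStreams"]
    resources = [aws_cloudwatch_log_group.vpc_flow.arn, "${aws_cloudwatch_log_group.vpc_flow.arn}:*"]
  }
}

resource "aws_iam_role_policy" "vpc_flow" {
  role   = aws_iam_role.vpc_flow.id
  policy = data.aws_iam_policy_document.flow_publish.json
}

# The flow log itself. "REJECT" is the minimum the entry recommends; "ALL" also
# records accepted traffic, which gives investigators context around the rejects.
resource "aws_flow_log" "main" {
  vpc_id               = aws_vpc.main.id
  traffic_type         = "ALL"
  log_destination_type = "cloud-watch-logs"
  log_destination      = aws_cloudwatch_log_group.vpc_flow.arn
  iam_role_arn         = aws_iam_role.vpc_flow.arn
}
```

A VPC-level flow log covers every network interface in the VPC, including ones created later, so it is preferable to per-subnet or per-ENI flow logs for this control.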