Public Cloud Flow Log Configuration
The Cloud Flow Logs page (Administration > Integration > Cloud Flow Logs) is used to configure the Flow Gateway to retrieve flow logs from public cloud networks (currently AWS via S3 only).
To enable polling:
- On the AWS tab, configure the AWS accounts and buckets as described below.
Select the AWS tab to configure polling for Amazon Web Services environments via S3 buckets. At least one AWS account and one AWS bucket must be configured.
AWS Accounts
You can configure one or more AWS accounts from which Flow Gateway will collect flow log data. Click the Add button to specify:
- Name: A name that will be used to identify this account
- Access Key: The AWS access key ID
- Secret Key: The AWS secret access key
AWS Buckets
You can configure one or more AWS S3 buckets. Click the Add button to specify:
- AWS Account: Select one of the AWS accounts already specified
- S3 URI: The URI for the S3 bucket
- Role: The AWS role to assume (AssumeRole) when accessing the bucket
- Clear After Fetch: When selected, the files will be deleted after they are retrieved.
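The access key and role entered above determine what Flow Gateway can do in the AWS account, so they are worth scoping to the flow-log bucket alone. The following is an added example, not part of the product or its documentation, that builds least-privilege IAM policies from the S3 URI and the Clear After Fetch setting. It assumes polling needs only s3:ListBucket and s3:GetObject and that Clear After Fetch needs s3:DeleteObject; the function names, bucket name and role ARN are constructed for illustration.

```python
import json
from urllib.parse import urlparse


def bucket_policy(s3_uri, clear_after_fetch=False):
    """IAM policy limited to one flow-log bucket (and prefix, if given).

    Assumption: polling needs list + get only, and Clear After Fetch
    adds delete. Uses the standard "aws" partition.
    """
    parsed = urlparse(s3_uri)
    if parsed.scheme != "s3" or not parsed.netloc:
        raise ValueError(f"not an S3 URI: {s3_uri!r}")
    prefix = parsed.path.strip("/")
    bucket_arn = f"arn:aws:s3:::{parsed.netloc}"
    objects_arn = f"{bucket_arn}/{prefix}/*" if prefix else f"{bucket_arn}/*"

    list_stmt = {"Sid": "ListFlowLogs", "Effect": "Allow",
                 "Action": ["s3:ListBucket"], "Resource": [bucket_arn]}
    if prefix:
        # Restrict listing to the flow-log prefix only.
        list_stmt["Condition"] = {
            "StringLike": {"s3:prefix": [prefix, f"{prefix}/*"]}}

    object_actions = ["s3:GetObject"]
    if clear_after_fetch:
        # Delete rights are granted only when the option is selected.
        object_actions.append("s3:DeleteObject")
    object_stmt = {"Sid": "FetchFlowLogs", "Effect": "Allow",
                   "Action": object_actions, "Resource": [objects_arn]}
    return {"Version": "2012-10-17", "Statement": [list_stmt, object_stmt]}


def access_key_policy(role_arn):
    """Policy for the access-key user when a Role is configured:
    the long-lived key may only assume that one role."""
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "AssumeFlowLogRole", "Effect": "Allow",
        "Action": ["sts:AssumeRole"], "Resource": [role_arn]}]}


if __name__ == "__main__":
    # Constructed sample values, not from the product documentation.
    uri = "s3://example-flow-logs/AWSLogs/"
    role = "arn:aws:iam::111122223333:role/ExampleFlowLogReader"
    print(json.dumps(bucket_policy(uri, clear_after_fetch=True), indent=2))
    print(json.dumps(access_key_policy(role), indent=2))
```

When a Role is configured, attach the bucket policy to the role and give the access-key user only the AssumeRole policy, so a leaked key grants no direct S3 access.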
Notes:
- The polling status is shown for each configured account and bucket. Green indicates that the configuration is valid and polling was successful.
- The Flow Gateway Overview page will list the flow type as “AWS VPC Flow Log” and show the version of the highest configured field; the IP address will be that of the Flow Gateway. AWS flow logs that are ingested via the Lambda script appear as AWS VPC Flow Exporter.