AWS Security ChangesHomeSearch

AWS ec2 documentation change

Service: ec2 · 2025-06-28 · Documentation medium

File: ec2/latest/devguide/example_ec2_CreateFlowLogs_section.md

Summary

Added PowerShell example for creating VPC flow logs to monitor REJECT traffic patterns

Security assessment

Flow logs help monitor network security by tracking rejected traffic, but the change only demonstrates configuration without addressing a specific vulnerability. Enhances security visibility documentation.

Diff

diff --git a/ec2/latest/devguide/example_ec2_CreateFlowLogs_section.md b/ec2/latest/devguide/example_ec2_CreateFlowLogs_section.md
index 568b74651..e29e98aeb 100644
--- a//ec2/latest/devguide/example_ec2_CreateFlowLogs_section.md
+++ b//ec2/latest/devguide/example_ec2_CreateFlowLogs_section.md
@@ -101,0 +102,21 @@ PowerShell
+**Tools for PowerShell V5**
+    
+
+**Example 1: This example creates EC2 flowlog for the subnet subnet-1d234567 to the cloud-watch-log named 'subnet1-log' for all 'REJECT' traffic using the perimssions of the 'Admin' role**
+    
+    
+    New-EC2FlowLog -ResourceId "subnet-1d234567" -LogDestinationType cloud-watch-logs -LogGroupName subnet1-log -TrafficType "REJECT" -ResourceType Subnet -DeliverLogsPermissionArn "arn:aws:iam::98765432109:role/Admin"
+    
+
+**Output:**
+    
+    
+    ClientToken                                  FlowLogIds             Unsuccessful
+    -----------                                  ----------             ------------
+    m1VN2cxP3iB4qo//VUKl5EU6cF7gQLOxcqNefvjeTGw= {fl-012fc34eed5678c9d} {}
+
+  * For API details, see [CreateFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference) in _AWS Tools for PowerShell Cmdlet Reference (V5)_. 
+
+
+
+