AWS ec2 documentation change
Summary
Added PowerShell example for creating VPC flow logs to monitor REJECT traffic patterns
Security assessment
Flow logs help monitor network security by tracking rejected traffic, but the change only demonstrates configuration without addressing a specific vulnerability. Enhances security visibility documentation.
Diff
diff --git a/ec2/latest/devguide/example_ec2_CreateFlowLogs_section.md b/ec2/latest/devguide/example_ec2_CreateFlowLogs_section.md index 568b74651..e29e98aeb 100644 --- a//ec2/latest/devguide/example_ec2_CreateFlowLogs_section.md +++ b//ec2/latest/devguide/example_ec2_CreateFlowLogs_section.md @@ -101,0 +102,21 @@ PowerShell +**Tools for PowerShell V5** + + +**Example 1: This example creates EC2 flowlog for the subnet subnet-1d234567 to the cloud-watch-log named 'subnet1-log' for all 'REJECT' traffic using the perimssions of the 'Admin' role** + + + New-EC2FlowLog -ResourceId "subnet-1d234567" -LogDestinationType cloud-watch-logs -LogGroupName subnet1-log -TrafficType "REJECT" -ResourceType Subnet -DeliverLogsPermissionArn "arn:aws:iam::98765432109:role/Admin" + + +**Output:** + + + ClientToken FlowLogIds Unsuccessful + ----------- ---------- ------------ + m1VN2cxP3iB4qo//VUKl5EU6cF7gQLOxcqNefvjeTGw= {fl-012fc34eed5678c9d} {} + + * For API details, see [CreateFlowLogs](https://docs.aws.amazon.com/powershell/v5/reference) in _AWS Tools for PowerShell Cmdlet Reference (V5)_. + + + +