Description

VPC flow logs record information about all traffic, which is a vital tool in reviewing anomalous traffic.

Resolution: Enable VPC flow logs.

Examples

Example of incorrect code:

resource "google_compute_subnetwork" "bad_example" {
  name          = "test-subnetwork"
  ip_cidr_range = "10.2.0.0/16"
  region        = "us-central1"
  network       = google_compute_network.custom-test.id
  secondary_ip_range {
    range_name    = "tf-test-secondary-range-update1"
    ip_cidr_range = "192.168.10.0/24"
  }
  enable_flow_logs = false
}

resource "google_compute_network" "custom-test" {
  name                    = "test-network"
  auto_create_subnetworks = false
}

Example of correct code:

resource "google_compute_subnetwork" "good_example" {
  name          = "test-subnetwork"
  ip_cidr_range = "10.2.0.0/16"
  region        = "us-central1"
  network       = google_compute_network.custom-test.id
  secondary_ip_range {
    range_name    = "tf-test-secondary-range-update1"
    ip_cidr_range = "192.168.10.0/24"
  }
  enable_flow_logs = true
}

resource "google_compute_network" "custom-test" {
  name                    = "test-network"
  auto_create_subnetworks = false
}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Files

google-compute-enable-vpc-flow-logs.md

google-compute-enable-vpc-flow-logs.md

Description

Examples

Files

google-compute-enable-vpc-flow-logs.md

Latest commit

History

google-compute-enable-vpc-flow-logs.md

File metadata and controls

Description

Examples