kenchew
Reputation: 334
Enable AWS VPC Flow Logs with Ansible
When creating an AWS VPC with Ansible, how to enable VPC Flow Logs?
Upvotes: 3
Views: 1247
Answers (1)
ydaetskcoR
Reputation: 56839
You can't do this directly with any of the officially released Ansible modules, but - as with anything that Ansible doesn't directly support - you can just shell out instead.
So if you wanted to enable VPC flow logs you could use the AWS CLI's create-flow-logs command:
- name: enable vpc flow logs
local_action: shell aws ec2 create-flow-logs --resource-type VPC --resource-ids {{ vpc_id }} --traffic-type ALL --log-group-name {{ vpc_flow_log_group_name }} --deliver-logs-permission-arn {{ vpc_flow_log_iam_role_arn }}
In addition to that, if ansible supports hooks or custom resource triggering, you can also enable VPC flow logs through the CloudFormation or even better using CDK. For more information refer to official doc
Upvotes: 5
Related Questions
- Ansible - include vars file from remote host
- Terraform to enable vpc flow logs to amazon s3
- How can I enable AWS VPC Flow logs by default?
- Ansible Cloudwatch rule reports failed invocations
- Aws Vpc flow logs to athena from s3
- How to get flow log IDs for a VPC using boto3
- Creating VPC in AWS using Ansible
- How to understand AWS VPC Flow Log ports?
- Using Ansible to create AWS Application Load Balancer rules
- How to fetch VPC Flow Logs from external Account