You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The boolean flag whether to enable VPC Flow Logs in the default VPC
bool
true
no
enabled
The boolean flag whether this module is enabled or not. No resources are created when set to false.
bool
true
no
flow_logs_destination_type
The type of the logging destination. Valid values: cloud-watch-logs, s3
string
"cloud-watch-logs"
no
flow_logs_iam_role_arn
The ARN of the IAM Role which will be used by VPC Flow Logs if vpc_log_destination_type is cloud-watch-logs.
string
""
no
flow_logs_log_group_name
The name of CloudWatch Logs group to which VPC Flow Logs are delivered if vpc_log_destination_type is cloud-watch-logs.
string
""
no
flow_logs_retention_in_days
Number of days to retain logs if vpc_log_destination_type is cloud-watch-logs. CIS recommends 365 days. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. Set to 0 to keep logs indefinitely.
number
365
no
flow_logs_s3_arn
The ARN of the S3 bucket to which VPC Flow Logs are delivered if vpc_log_destination_type is s3.
string
""
no
flow_logs_s3_key_prefix
The prefix used when VPC Flow Logs delivers logs to the S3 bucket.
string
"flow-logs"
no
tags
Specifies object tags key and value. This applies to all resources created by this module.
map
{ "Terraform": true }
no
Outputs
Name
Description
default_network_acl
The default network ACL.
default_route_table
The default route table.
default_security_group
The default security group.
default_vpc
The default VPC.
vpc_flow_logs_group
The CloudWatch Logs log group which stores VPC Flow Logs.