VPC Flow logs with CDK (Part 1)

As part of the networking journey in AWS you'll come across VPC flow logs. Why do we need VPC flow logs? They help with:

  1. Monitoring
  2. Debugging
  3. Setting appropriate access
  4. Determining flow of traffic

We can use the console to create VPC flow logs, but I prefer to create them with infrastructure as code, since in larger organizations you will probably find that flow logs have to be rolled out across the whole organization.

Where's the code?

CDK comes in a variety of languages and provides sensible defaults up front if you don't want to define everything yet. I'll use TypeScript, as it provides strong typing and lets us write the front end, back end and Lambda logic in the same language.

Here's how to set up the initial project once you have Node.js installed.

# install cdk globally if you don't already have it
npm i -g aws-cdk

mkdir my-app
cd my-app
cdk init --language=typescript
# add in the other modules we'll need
npm i @aws-cdk/aws-logs
npm i @aws-cdk/aws-ec2

So the first thing we need to do is modify the lib/*-stack.ts file and add our VPC.

import * as ec2 from "@aws-cdk/aws-ec2";
...
// The code that defines your stack goes here
// An empty props object gives you the CDK defaults: public and private subnets across multiple AZs
const vpc = new ec2.Vpc(this, 'Vpc', {});

Once this is done we should be able to build our solution.

# compile the typescript
npm run build
# check the changes we've made
npm run cdk diff

Where are our logs?

Let's add them. We can send them to CloudWatch Logs or S3; I'll use CloudWatch for this example.

import * as logs from "@aws-cdk/aws-logs";
import * as ec2 from "@aws-cdk/aws-ec2";
...
// The code that defines your stack goes here
// The log group the flow logs will be written to
const cwLogs = new logs.LogGroup(this, 'Log', {
  logGroupName: '/aws/vpc/flowlogs',
});
const vpc = new ec2.Vpc(this, 'Vpc', {
  flowLogs: {
    // each key is the construct id of one flow log, so name it after its destination
    'cloudwatch': {
      destination: ec2.FlowLogDestination.toCloudWatchLogs(cwLogs),
      // ALL captures both accepted and rejected traffic; ACCEPT or REJECT alone are also valid
      trafficType: ec2.FlowLogTrafficType.ALL,
    },
  },
});
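Once the stack is deployed, the records land in the /aws/vpc/flowlogs log group. As an added example that is not part of this post, here is a small TypeScript triage of default-format (version 2) flow log records, the format you get when no custom log format is set: it counts REJECTed flows per destination port, which is the quickest way to see what your security groups and NACLs are blocking. The sample lines, account id and ENI id are constructed.

```typescript
// Added example, not code from the post: parse default-format (version 2) VPC flow
// log records as they arrive in the CloudWatch log group. Default field order:
// version account-id interface-id srcaddr dstaddr srcport dstport protocol
// packets bytes start end action log-status
interface FlowLogRecord {
  interfaceId: string; srcAddr: string; dstAddr: string;
  srcPort: number; dstPort: number; protocol: number; bytes: number;
  action: "ACCEPT" | "REJECT" | "-";
  logStatus: "OK" | "NODATA" | "SKIPDATA";
}
// Returns null for lines that are not well-formed default-format records.
function parseFlowLogRecord(line: string): FlowLogRecord | null {
  const f = line.trim().split(/\s+/);
  if (f.length !== 14 || f[0] !== "2") return null;
  if (["OK", "NODATA", "SKIPDATA"].indexOf(f[13]) === -1) return null;
  // NODATA/SKIPDATA records carry "-" in the traffic fields; map "-" to 0 so NaN never leaks into totals
  const num = (s: string) => (s === "-" ? 0 : Number(s));
  return {
    interfaceId: f[2], srcAddr: f[3], dstAddr: f[4],
    srcPort: num(f[5]), dstPort: num(f[6]), protocol: num(f[7]), bytes: num(f[9]),
    action: f[12] as FlowLogRecord["action"],
    logStatus: f[13] as FlowLogRecord["logStatus"],
  };
}
interface RejectSummary {
  accepted: number; rejected: number; skipped: number; malformed: number;
  rejectsByDstPort: Record<string, number>;   // key is "protocol/dstport", e.g. "6/22"
}
// Counts REJECTed flows per destination port: a first look at what is being blocked.
function summarizeRejects(lines: string[]): RejectSummary {
  const s: RejectSummary = { accepted: 0, rejected: 0, skipped: 0, malformed: 0, rejectsByDstPort: {} };
  for (const line of lines) {
    const r = parseFlowLogRecord(line);
    if (r === null) { s.malformed++; continue; }
    if (r.logStatus !== "OK") { s.skipped++; continue; }   // no traffic recorded in this window
    if (r.action !== "REJECT") { s.accepted++; continue; }
    s.rejected++;
    const key = `${r.protocol}/${r.dstPort}`;
    s.rejectsByDstPort[key] = (s.rejectsByDstPort[key] || 0) + 1;
  }
  return s;
}
// Constructed sample records (RFC 1918 addresses, made-up account and ENI ids).
const SAMPLE_LINES = [
  "2 123456789012 eni-0a1b2c3d4e5f6a7b8 10.0.1.10 10.0.2.20 49152 443 6 10 8400 1600000000 1600000060 ACCEPT OK",
  "2 123456789012 eni-0a1b2c3d4e5f6a7b8 10.0.3.30 10.0.1.10 50000 22 6 1 60 1600000000 1600000060 REJECT OK",
  "2 123456789012 eni-0a1b2c3d4e5f6a7b8 10.0.3.31 10.0.1.10 50001 22 6 1 60 1600000000 1600000060 REJECT OK",
  "2 123456789012 eni-0a1b2c3d4e5f6a7b8 10.0.3.32 10.0.1.10 50002 3389 6 1 60 1600000000 1600000060 REJECT OK",
  "2 123456789012 eni-0a1b2c3d4e5f6a7b8 - - - - - - - 1600000000 1600000060 - NODATA",
  "not a flow log line",
];
```

Running summarizeRejects(SAMPLE_LINES) on the constructed lines reports two rejects on 6/22 and one on 6/3389, with the NODATA record counted as skipped rather than as traffic.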

Questions

Can I use an existing VPC? Yes.