Does Amazon Guard Duty need specific access to my bucket when I enable VPC flow logs?

0

Hi there, I have a quick questions. When I enable VPC flow logs to then be pushed to an S3 bucket, will GuardDuty still be able to review my logs or does it need any specific access to the bucket for this to happen?

1 回答
2
已接受的回答

Yes, GuardDuty will analyze the VPC flow logs as they are generated. When you enable GuardDuty, it immediately starts analyzing your VPC flow logs from Amazon EC2 instances within your account. It consumes VPC flow log events directly from the VPC Flow Logs feature through an independent and duplicative stream of flow logs. This process does not affect any of your existing flow logs configuration.

The VPC flow logs you have delivered to your buckets are derived from the same internal data source as GuardDuty uses to analyse flow logs. So GuardDuty not need access to the S3 bucket that is used for storing VPC flow logs as it will not access the logs from there.

AWS
已回答 1 年前
profile picture
专家
已审核 1 年前
profile picture
专家
已审核 1 年前
profile picture
专家
已审核 1 年前
  • Awesome, thank you!

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则