Failure of VPC flow logs should generate errors in CloudTrail | by Teri Radichel | Biting Bugs | December 2023


Misconfigured role, no logs, no errors in CloudTrail

I’ve mentioned in a few other articles some issues I’m having with CloudTrail.

When these configuration errors exist, it seems like there should be errors in CloudTrail explaining what the problem is.

Additionally, the error message on the screen was incorrect: it said that the log group did not exist in this region or account, but it did. The problem was that the Flow Logs role did not have access to it via the assigned role policy.
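Because the failure described above leaves nothing in CloudTrail, one way to catch it is to audit the flow log itself and the role policy. The sketch below is an added example, not code from the original post: it reads the `DeliverLogsStatus` and `DeliverLogsErrorMessage` fields that `describe-flow-logs` returns and checks whether the role policy grants the CloudWatch Logs actions on the intended log group. The ARNs, IDs and policies are constructed, and the required-action list is an assumption to verify against current AWS documentation.

```python
import re

# Actions in AWS's documented role policy for publishing flow logs to
# CloudWatch Logs (assumption: verify against current AWS documentation).
REQUIRED_ACTIONS = (
    "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents",
    "logs:DescribeLogGroups", "logs:DescribeLogStreams",
)

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _wild(pattern, value, ignore_case=False):
    """IAM-style wildcard match: '*' is any run of characters, '?' is one."""
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, re.I if ignore_case else 0) is not None

def missing_actions(policy, log_group_arn):
    """Required actions that no Allow statement grants on the log group.
    Simplified: ignores Deny, NotAction, NotResource and Condition, and treats
    a Resource pattern as covering the group if it matches the ARN or ARN:*.
    """
    granted = set()
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        covers = any(_wild(r, log_group_arn) or _wild(r, log_group_arn + ":*")
                     for r in _as_list(stmt.get("Resource", [])))
        if covers:
            granted.update(a for a in REQUIRED_ACTIONS if any(
                _wild(p, a, True) for p in _as_list(stmt.get("Action", []))))
    return [a for a in REQUIRED_ACTIONS if a not in granted]

def audit(flow_log, policy, log_group_arn):
    """Combine the delivery status of one flow log with the policy check."""
    return {"id": flow_log["FlowLogId"],
            "delivery_failed": flow_log.get("DeliverLogsStatus") == "FAILED",
            "error": flow_log.get("DeliverLogsErrorMessage"),
            "missing": missing_actions(policy, log_group_arn)}

# Constructed sample data: a failing flow log, a role policy scoped to the
# wrong log group, and a corrected policy scoped to the intended one.
LOG_GROUP = "arn:aws:logs:us-east-1:111122223333:log-group:vpc-flow-logs"
FLOW_LOG = {"FlowLogId": "fl-0example", "DeliverLogsStatus": "FAILED",
            "DeliverLogsErrorMessage": "Access error"}
BAD_POLICY = {"Statement": [{"Effect": "Allow", "Action": "logs:*",
    "Resource": "arn:aws:logs:us-east-1:111122223333:log-group:app-logs:*"}]}
GOOD_POLICY = {"Statement": [{"Effect": "Allow",
    "Action": list(REQUIRED_ACTIONS), "Resource": LOG_GROUP + ":*"}]}
print(audit(FLOW_LOG, BAD_POLICY, LOG_GROUP))
```

Running a check like this on a schedule and alerting on any record with `delivery_failed` set or a non-empty `missing` list gives the signal that CloudTrail does not.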


Teri Radichel | © 2nd Sight Lab 2023


About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
Author: Cybersecurity for Executives in the Age of Cloud
Presentations: Presentations by Teri Radichel
Recognition: SANS Difference Makers Award, AWS Security Hero, IANS Faculty
Certifications: SANS
Education: BA Business, Master of Software Engineering, Master of Infosec
Company: Cloud Penetration Tests, Assessments, Training ~ 2nd Sight Lab