Posted On: Jul 27, 2022

Starting today, Amazon VPC Flow Logs supports Transit Gateway. With this feature, Transit Gateway can export detailed telemetry such as source and destination IP addresses, ports, protocol, traffic counters, timestamps and various metadata for all of its network flows. This gives you an Amazon Web Services native tool to centrally export and inspect flow-level telemetry for all network traffic traversing between Amazon VPCs and your on-premises networks via your Transit Gateway.

Transit Gateway enables you to connect thousands of Amazon Virtual Private Clouds (VPCs) and your on-premises networks using a single gateway. Until now, VPC Flow Logs provided network telemetry only from the individual VPCs attached to the Transit Gateway, and you had to run complex procedures to correlate that data to gain end-to-end network insights. With Transit Gateway Flow Logs, you can gain flow-level insights from one central point in your network(s) using a single AWS account. This capability provides flow-level visibility for traffic across Amazon Web Services China regions over Transit Gateway peering connections, as well as for your traffic over Direct Connect connections, without having to rely on third-party routers or telemetry export tools. The Transit Gateway Flow Logs feature can help with many use cases around proactive network troubleshooting, network capacity planning, and compliance and security.

To get started, create a new flow log subscription using a Transit Gateway or a Transit Gateway attachment as the resource. You can select a custom log format to choose specific log fields, and the desired log destination type, such as Amazon S3 or CloudWatch Logs. This feature is available through the Amazon Web Services Management Console, the Amazon Command Line Interface (Amazon CLI), and the Amazon Software Development Kit (Amazon SDK).
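As an added illustration (not code from the original announcement or from Amazon Web Services), the following Python sketch parses records written in a custom log format and summarizes them centrally: bytes per source/destination VPC pair, plus flows where the Transit Gateway dropped packets. The selection of fields in the format, all resource IDs and the sample records are constructed for the example, and it assumes a `-` marks a field that does not apply to a record (for instance, no VPC ID on traffic arriving from on-premises).

```python
from collections import defaultdict

# Assumed custom log format (a selection of Transit Gateway flow log fields).
LOG_FORMAT = ("${tgw-id} ${tgw-attachment-id} ${tgw-src-vpc-id} ${tgw-dst-vpc-id} "
              "${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${packets} "
              "${bytes} ${start} ${end} ${packets-lost-no-route} ${packets-lost-blackhole}")
FIELDS = [f.strip("${}") for f in LOG_FORMAT.split()]
INT_FIELDS = ("packets", "bytes", "packets-lost-no-route", "packets-lost-blackhole")

# Constructed sample records; all IDs and addresses are placeholders.
SAMPLE = """\
tgw-0example tgw-attach-0aaa vpc-0app vpc-0db 10.0.1.15 10.1.2.20 44312 5432 6 120 98000 1658900000 1658900060 0 0
tgw-0example tgw-attach-0aaa vpc-0app vpc-0db 10.0.1.16 10.1.2.20 44900 5432 6 80 42000 1658900000 1658900060 0 0
tgw-0example tgw-attach-0bbb vpc-0dev vpc-0db 10.2.0.9 10.1.2.20 51000 5432 6 4 240 1658900000 1658900060 0 4
tgw-0example tgw-attach-0ccc - - 192.168.10.5 10.0.1.15 50122 443 6 10 5200 1658900000 1658900060 0 0
"""

def parse(line):
    """Map one space-separated record onto the field names in LOG_FORMAT."""
    values = line.split()
    if len(values) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(values)}")
    rec = dict(zip(FIELDS, values))
    for name in INT_FIELDS:
        rec[name] = 0 if rec[name] == "-" else int(rec[name])  # "-" = not applicable
    return rec

def summarize(lines):
    """Return (bytes per source/destination VPC pair, records with dropped packets)."""
    bytes_by_pair, dropped = defaultdict(int), []
    for line in lines:
        if not line.strip():
            continue
        rec = parse(line)
        bytes_by_pair[(rec["tgw-src-vpc-id"], rec["tgw-dst-vpc-id"])] += rec["bytes"]
        if rec["packets-lost-no-route"] or rec["packets-lost-blackhole"]:
            dropped.append(rec)
    return dict(bytes_by_pair), dropped

if __name__ == "__main__":
    totals, dropped = summarize(SAMPLE.splitlines())
    for pair, total in sorted(totals.items(), key=lambda kv: -kv[1]):
        print(pair, total)
    for rec in dropped:
        print("dropped:", rec["srcaddr"], "->", rec["dstaddr"], rec["tgw-attachment-id"])
```

If you choose a different set of fields when creating the subscription, change `LOG_FORMAT` to match so the positional mapping stays correct.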

VPC Flow Logs support for Transit Gateway is available in the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD. For additional information, visit the Amazon Transit Gateway product page, the documentation, the pricing page and the frequently asked questions.