By Implementation

Service Control PoliciesConfig RulesAuto Remediation RulesConformance PacksAmazon GuardDutyAmazon InspectorAWS Security HubAWS Network FirewallRoute53 Resolver SecurityAmazon MacieS3 Bucket PoliciesCloudWatch Alarms and Event RulesAWS WAFAWS Secrets ManagerAWS Systems ManagerSecurity Groups & NACLsAWS KMSIAM PoliciesVPC Endpoint PoliciesAmazon ECRRDS Event Subscriptions

By Service Protected

Configuration Packages

Strategy Guides

Other

VPC Security Controls

VPC Traffic Mirroring

Configuration to enable Traffic Mirroring from a network interface (ENI) of an Amazon EC2 instance, which can then be used for monitoring and security analysis. Traffic Mirroring supports filters and packet truncation so that only traffic of interest is monitored.

To enable Traffic Mirroring, the following template configures the following: 

  • Traffic Mirror Filter: Configure filter rules to specify which packets are selected to be copied.
  • Traffic Mirror Target: Configure the destination where mirrored packets are sent to. Targets can be network interfaces of EC2 instances or a Network Load Balancer (NLB).
  • Traffic Mirror Session: Establishes the relationship between the mirror filter and target specified, and specifies the source network interface (ENI) to mirror traffic from. 
Items
3
Size
0.6 KB
Missing Parameters
AWSTemplateFormatVersion: "2010-09-09"
Description: ""
Resources:
  TrafficMirrorSession:
    Type: "AWS::EC2::TrafficMirrorSession"
    Properties:
      NetworkInterfaceId: ""
      SessionNumber: 1
      TrafficMirrorFilterId:
        Ref: "TrafficMirrorFitler"
      TrafficMirrorTargetId:
        Ref: "TrafficMirrorTarget"
  TrafficMirrorTarget:
    Type: "AWS::EC2::TrafficMirrorTarget"
    Properties:
      NetworkLoadBalancerArn: ""
  TrafficMirrorFitler:
    Type: "AWS::EC2::TrafficMirrorFilter"
    Properties: {}
Parameters: {}
Metadata: {}
Conditions: {}

Actions



Customize Template

Session Settings

Target Settings

Filter Settings

* Required field