Enable VPC Flow Logs for subnetworks
**org.openrewrite.terraform.gcp.EnableVPCFlowLogsForSubnetworks**

Ensure GCP VPC flow logs for subnets are enabled. Flow Logs capture information on IP traffic moving through network interfaces. This information can be used to monitor anomalous traffic and provide security insights.

Tags

  • GCP
  • CKV_GCP_26
  • terraform

Source

  • groupId: org.openrewrite.recipe
  • artifactId: rewrite-terraform
  • version: 1.6.0

Usage

This recipe has no required configuration options and can be activated directly after taking a dependency on org.openrewrite.recipe:rewrite-terraform:1.6.0 in your build file:
build.gradle

```groovy
plugins {
    id("org.openrewrite.rewrite") version("5.22.2")
}

rewrite {
    activeRecipe("org.openrewrite.terraform.gcp.EnableVPCFlowLogsForSubnetworks")
}

repositories {
    mavenCentral()
}

dependencies {
    rewrite("org.openrewrite.recipe:rewrite-terraform:1.6.0")
}
```
pom.xml

```xml
<project>
  <build>
    <plugins>
      <plugin>
        <groupId>org.openrewrite.maven</groupId>
        <artifactId>rewrite-maven-plugin</artifactId>
        <version>4.25.0</version>
        <configuration>
          <activeRecipes>
            <recipe>org.openrewrite.terraform.gcp.EnableVPCFlowLogsForSubnetworks</recipe>
          </activeRecipes>
        </configuration>
        <dependencies>
          <dependency>
            <groupId>org.openrewrite.recipe</groupId>
            <artifactId>rewrite-terraform</artifactId>
            <version>1.6.0</version>
          </dependency>
        </dependencies>
      </plugin>
    </plugins>
  </build>
</project>
```

Recipes can also be activated directly from the command line by adding the argument -Drewrite.activeRecipes=org.openrewrite.terraform.gcp.EnableVPCFlowLogsForSubnetworks

Definition

Recipe List

  • org.openrewrite.terraform.AddConfiguration
    • resourceName: google_compute_subnetwork
    • content: log_config { aggregation_interval = "INTERVAL_10_MIN" flow_sampling = 0.5 metadata = "INCLUDE_ALL_METADATA" }

Yaml Recipe List

```yaml
---
type: specs.openrewrite.org/v1beta/recipe
name: org.openrewrite.terraform.gcp.EnableVPCFlowLogsForSubnetworks
displayName: Enable VPC Flow Logs for subnetworks
description: Ensure GCP VPC flow logs for subnets are enabled. Flow Logs capture information on IP traffic moving through network interfaces. This information can be used to monitor anomalous traffic and provide security insights.
tags:
  - GCP
  - CKV_GCP_26
  - terraform
recipeList:
  - org.openrewrite.terraform.AddConfiguration:
      resourceName: google_compute_subnetwork
      # Block scalar keeps the line breaks so the inserted HCL block stays multi-line
      content: |-
        log_config {
          aggregation_interval = "INTERVAL_10_MIN"
          flow_sampling = 0.5
          metadata = "INCLUDE_ALL_METADATA"
        }
```
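To see which subnetworks the recipe would change, or to confirm afterwards that none were missed, the following added example (not part of the OpenRewrite project) lists `google_compute_subnetwork` resources that have no `log_config` block. The sample Terraform and the function names are constructed for illustration, and the scan is a plain text pass rather than a full HCL parser.

```python
import re

# Constructed sample, trimmed to the relevant attributes: "logged" carries the
# block this recipe adds, "unlogged" only mentions it in a comment.
SAMPLE_TF = '''
resource "google_compute_subnetwork" "logged" {
  name = "logged-subnet"
  log_config {
    aggregation_interval = "INTERVAL_10_MIN"
    flow_sampling        = 0.5
    metadata             = "INCLUDE_ALL_METADATA"
  }
}

resource "google_compute_subnetwork" "unlogged" {
  name = "unlogged-subnet"
  # log_config { a commented-out block must not count
}
'''

RESOURCE = re.compile(r'resource\s+"google_compute_subnetwork"\s+"([^"]+)"\s*\{')
# Full-line # and // comments and /* */ blocks; trailing comments are left alone.
COMMENT = re.compile(r'^[ \t]*(?:#|//)[^\n]*|/\*.*?\*/', re.M | re.S)


def resource_body(text, open_brace):
    """Return the text between the brace at open_brace and its matching close."""
    depth = 0
    for i in range(open_brace, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[open_brace + 1:i]
    raise ValueError("unbalanced braces in Terraform source")


def subnetworks_without_flow_logs(terraform_source):
    """Names of google_compute_subnetwork resources with no log_config block."""
    text = COMMENT.sub("", terraform_source)
    missing = []
    for match in RESOURCE.finditer(text):
        body = resource_body(text, match.end() - 1)
        if not re.search(r"^\s*log_config\s*\{", body, re.M):
            missing.append(match.group(1))
    return missing


print(subnetworks_without_flow_logs(SAMPLE_TF))
```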