A company has deployed a centralized NAT gateway in a VPC and uses VPC Flow Logs to monitor traffic. The network team notices that traffic from an EC2 instance in a private subnet to the internet is not being logged in the flow logs. The flow logs are configured at the VPC level with the 'ALL' format. What is the most likely cause of this issue?
Trap 1: The EC2 instance is using a different VPC than the one where flow…
The question states the instance is in a private subnet of the same VPC.
Trap 2: The flow log format is set to 'ALL' which excludes NAT gateway…
The 'ALL' format includes all fields and does not exclude NAT gateway traffic.
Trap 3: The flow logs are configured to capture only rejected traffic by…
Flow logs capture both accepted and rejected traffic based on the filter setting; default is 'ALL'.
- A
The EC2 instance is using a different VPC than the one where flow logs are configured.
Why wrong: The question states the instance is in a private subnet of the same VPC.
- B
The flow log format is set to 'ALL' which excludes NAT gateway traffic.
Why wrong: The 'ALL' format includes all fields and does not exclude NAT gateway traffic.
- C
The flow logs are configured to capture only rejected traffic by default.
Why wrong: Flow logs capture both accepted and rejected traffic based on the filter setting; default is 'ALL'.
- D
Flow logs must be created specifically for the NAT gateway's elastic network interface to capture its traffic.
Why correct: VPC-level flow logs do not capture traffic for the NAT gateway's ENI; a separate flow log for the NAT gateway ENI is required.