AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
New-EC2FlowLog-LogGroupName <String>-DeliverLogsPermissionArn <String>-LogDestination <String>-LogDestinationType <LogDestinationType>-LogFormat <String>-MaxAggregationInterval <Int32>-ResourceId <String[]>-ResourceType <FlowLogsResourceType>-TagSpecification <TagSpecification[]>-TrafficType <TrafficType>-ClientToken <String>-Select <String>-PassThru <SwitchParameter>-Force <SwitchParameter>
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
LogDestinationType
as s3
, do not specify DeliverLogsPermissionArn
or LogGroupName
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
LogDestinationType
.If LogDestinationType
is not specified or cloud-watch-logs
, specify the Amazon Resource Name (ARN) of the CloudWatch Logs log group. For example, to publish to a log group called my-logs
, specify arn:aws:logs:us-east-1:123456789012:log-group:my-logs
. Alternatively, use LogGroupName
instead.If LogDestinationType is s3
, specify the ARN of the Amazon S3 bucket. You can also specify a subfolder in the bucket. To specify a subfolder in the bucket, use the following ARN format: bucket_ARN/subfolder_name/
. For example, to specify a subfolder named my-logs
in a bucket named my-bucket
, use the following ARN: arn:aws:s3:::my-bucket/my-logs/
. You cannot use AWSLogs
as a subfolder name. This is a reserved term. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
cloud-watch-logs
. To publish flow log data to Amazon S3, specify s3
.If you specify LogDestinationType
as s3
, do not specify DeliverLogsPermissionArn
or LogGroupName
.Default: cloud-watch-logs
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
${field-id}
format, separated by spaces. For the AWS CLI, use single quotation marks (' ') to surround the parameter value. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
LogDestinationType
as s3
, do not specify DeliverLogsPermissionArn
or LogGroupName
. Required? | False |
Position? | 1 |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | ResourceIds |
ResourceId
property, specify VPC
for this property. Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | TagSpecifications |
Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AK |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AWSProfilesLocation, ProfilesLocation |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | StoredCredentials, AWSProfileName |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RegionToCall |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | SK, SecretAccessKey |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | ST |
New-EC2FlowLog -ResourceId "subnet-1d234567" -LogDestinationType cloud-watch-logs -LogGroupName subnet1-log -TrafficType "REJECT" -ResourceType Subnet -DeliverLogsPermissionArn "arn:aws:iam::98765432109:role/Admin"
ClientToken FlowLogIds Unsuccessful
----------- ---------- ------------
m1VN2cxP3iB4qo//VUKl5EU6cF7gQLOxcqNefvjeTGw= {fl-012fc34eed5678c9d} {}This example creates EC2 flowlog for the subnet subnet-1d234567 to the cloud-watch-log named 'subnet1-log' for all 'REJECT' traffic using the perimssions of the 'Admin' role
AWS Tools for PowerShell: 2.x.y.z