Network subnet flow logs should be enabled

Description

It is recommended that flow logs be enabled for every business-critical VPC subnet. Flow logs provide visibility into the network traffic of each VM inside the subnet, and can be used to detect anomalous traffic and to provide insight during security investigations.

Remediation Steps

Google Cloud Console

  • Navigate to VPC networks.

  • Click the desired subnet.

  • Click EDIT.

  • Set Flow logs to On.

  • Click Save.

gcloud CLI

  • To enable flow logs for a subnet:

    • gcloud compute networks subnets update [SUBNET_NAME] --region [REGION] --enable-flow-logs
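To find the subnets that still need the command above, the output of `gcloud compute networks subnets list --format=json` can be audited. The following is an added example, not part of this benchmark: it checks each subnet for flow logging (via `logConfig.enable`, falling back to the older `enableFlowLogs` field) and emits the page's remediation command for every non-compliant subnet. The JSON sample is constructed and contains only the fields the check uses; project and subnet names are placeholders.

```python
import json

# Constructed sample in the shape of `gcloud compute networks subnets list --format=json`.
# Assumption: only the fields used below are reproduced; real output carries many more.
SAMPLE_SUBNETS_JSON = """
[
  {"name": "prod-web", "ipCidrRange": "10.10.0.0/24",
   "region": "https://www.googleapis.com/compute/v1/projects/example-proj/regions/us-central1",
   "enableFlowLogs": true,
   "logConfig": {"enable": true, "aggregationInterval": "INTERVAL_5_SEC", "flowSampling": 0.5}},
  {"name": "prod-db", "ipCidrRange": "10.10.1.0/24",
   "region": "https://www.googleapis.com/compute/v1/projects/example-proj/regions/us-central1",
   "enableFlowLogs": false},
  {"name": "legacy-batch", "ipCidrRange": "10.20.0.0/24",
   "region": "https://www.googleapis.com/compute/v1/projects/example-proj/regions/europe-west1",
   "logConfig": {"enable": false}}
]
"""


def flow_logs_enabled(subnet: dict) -> bool:
    """True when the subnet reports flow logging as on.

    Newer API responses carry logConfig.enable; older ones carry only the
    top-level enableFlowLogs boolean. A subnet with neither field has logging off.
    """
    log_config = subnet.get("logConfig") or {}
    if "enable" in log_config:
        return bool(log_config["enable"])
    return bool(subnet.get("enableFlowLogs", False))


def region_name(subnet: dict) -> str:
    """The region field is a resource URL; the short name is its last path segment."""
    return subnet["region"].rsplit("/", 1)[-1]


def find_noncompliant(subnets_json: str) -> list:
    """Return (name, region) pairs for subnets without flow logs, in input order."""
    return [(s["name"], region_name(s)) for s in json.loads(subnets_json)
            if not flow_logs_enabled(s)]


def remediation_commands(subnets_json: str) -> list:
    """The page's gcloud remediation command, filled in for each non-compliant subnet."""
    return [f"gcloud compute networks subnets update {name} --region {region} --enable-flow-logs"
            for name, region in find_noncompliant(subnets_json)]


if __name__ == "__main__":
    for cmd in remediation_commands(SAMPLE_SUBNETS_JSON):
        print(cmd)
```

Review the emitted commands before running them, since enabling flow logs adds Cloud Logging volume and cost for busy subnets.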