
I want to monitor not just the metrics from my Site-to-Site VPN via CloudWatch; I rather want to see the whole incoming and outgoing traffic with source and destination addresses and packet types, i.e. 1.2.3.4 => 12.20.12.1 ICMP (Port 123).

In Client VPN there is a possibility, but not in Site-to-Site VPN.

Clément
  • If the VPC flow logs are not enough, you can try to create a NAT instance to another VPN and enforce the route with the VPC route. Then you could dump the traffic in the NAT instance. – gusto2 Oct 29 '21 at 12:54

1 Answer


Unfortunately, that is not possible as per docs.

Only the following metrics are currently available:

  1. TunnelState - Fractional value between 0 and 1
  2. TunnelDataIn - Bytes
  3. TunnelDataOut - Bytes
Ermiya Eskandary
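The comment on the question mentions VPC flow logs. As an added example (not part of the question, the comment or the answer), this parses flow log records in the default version 2 format and renders them in the `source => destination PROTOCOL (Port N)` form the question asks for. The sample records, account ID and interface ID are constructed.

```python
from typing import NamedTuple, Optional

# Field order of the default (version 2) VPC flow log record format.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

# IANA protocol numbers for common cases; anything else is shown as its number.
PROTOCOLS = {"1": "ICMP", "6": "TCP", "17": "UDP", "50": "ESP"}

class Flow(NamedTuple):
    src: str
    dst: str
    protocol: str
    dst_port: Optional[int]
    nbytes: int
    action: str

def parse_record(line: str) -> Optional[Flow]:
    """Parse one default-format record; return None if it carries no flow data."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    rec = dict(zip(FIELDS, parts))
    # NODATA / SKIPDATA records have "-" in the traffic fields.
    if rec["log_status"] != "OK":
        return None
    proto = PROTOCOLS.get(rec["protocol"], rec["protocol"])
    # Ports are only meaningful for TCP and UDP.
    port = int(rec["dstport"]) if proto in ("TCP", "UDP") else None
    return Flow(rec["srcaddr"], rec["dstaddr"], proto, port,
                int(rec["bytes"]), rec["action"])

def render(flow: Flow) -> str:
    port = f" (Port {flow.dst_port})" if flow.dst_port is not None else ""
    return f"{flow.src} => {flow.dst} {flow.protocol}{port} {flow.nbytes} bytes {flow.action}"

# Constructed sample records (documentation address ranges, made-up IDs).
SAMPLE = """\
2 123456789012 eni-0123456789abcdef0 192.0.2.10 10.0.1.25 0 0 1 4 336 1635512000 1635512060 ACCEPT OK
2 123456789012 eni-0123456789abcdef0 192.0.2.10 10.0.1.25 49152 123 17 2 152 1635512000 1635512060 ACCEPT OK
2 123456789012 eni-0123456789abcdef0 198.51.100.7 10.0.1.25 40000 22 6 1 60 1635512000 1635512060 REJECT OK
2 123456789012 eni-0123456789abcdef0 - - - - - - - 1635512000 1635512060 - NODATA
"""

if __name__ == "__main__":
    print("\n".join(render(f) for f in map(parse_record, SAMPLE.splitlines()) if f))
```

Flow logs record traffic at the VPC's network interfaces as flows aggregated over a capture window, so this gives per-flow visibility rather than a per-packet view of the tunnel itself.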