Use Case for VPC Endpoint Unused Traffic Detection
VPC Endpoint Unused Traffic Detection Policy

This policy identifies unused AWS VPC endpoints by analyzing their traffic over a configurable period. It covers interface endpoints (AWS PrivateLink), which publish the BytesProcessed and NewConnections CloudWatch metrics, and reports any endpoint whose traffic over that period is at or below the configured thresholds; with the default thresholds of zero it reports endpoints that saw no new connections or no bytes processed at all. Gateway endpoints (S3 and DynamoDB) do not emit these metrics and are outside the policy's scope.

Variables

  • inactivityPeriodDays: Number of days to analyze for traffic. Defaults to 30.
  • bytesProcessedThreshold: The threshold for the BytesProcessed metric. The endpoint is considered inactive when the metric is equal to or below this value. Defaults to 0.
  • newConnectionsThreshold: The threshold for the NewConnections metric. The endpoint is considered inactive when the metric is equal to or below this value. Defaults to 0.

Violation Types

  • BYTES_PROCESSED_BELOW_THRESHOLD: Indicates that an endpoint's BytesProcessed metric is equal to or below the set threshold.
  • NEW_CONNECTIONS_BELOW_THRESHOLD: Indicates that an endpoint's NewConnections metric is equal to or below the set threshold.
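The following is an added example, not the vendor's policy code, showing how the three variables and two violation types above combine: each endpoint's BytesProcessed and NewConnections sums over the inactivity period are compared inclusively against their thresholds, and each check raises its own violation type independently. The evaluation runs offline against constructed sample sums; the `fetch_endpoint_traffic` helper assumes the `AWS/PrivateLinkEndpoints` CloudWatch namespace and its `Endpoint Type`, `Service Name`, `VPC Endpoint Id` and `VPC Id` dimensions, and is only needed when pointing the check at a real account.

```python
"""Evaluate interface VPC endpoints for inactivity.

Added example mirroring the policy's variables and violation types; it is
not the vendor's own implementation.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List

# Violation types as named by the policy.
BYTES_PROCESSED_BELOW_THRESHOLD = "BYTES_PROCESSED_BELOW_THRESHOLD"
NEW_CONNECTIONS_BELOW_THRESHOLD = "NEW_CONNECTIONS_BELOW_THRESHOLD"


@dataclass
class EndpointTraffic:
    """Metric sums over the inactivity period for one interface endpoint."""
    endpoint_id: str
    vpc_id: str
    service_name: str
    bytes_processed: float   # Sum of BytesProcessed over the period
    new_connections: float   # Sum of NewConnections over the period


def evaluate_endpoint(traffic: EndpointTraffic,
                      bytes_processed_threshold: float = 0,
                      new_connections_threshold: float = 0) -> List[str]:
    """Return the violation types raised for one endpoint.

    Both comparisons are inclusive ("equal to or below"), so the default
    thresholds of 0 flag only endpoints with no traffic at all. Raising a
    threshold also catches endpoints that see nothing but a trickle of
    health-check traffic. The two checks are independent: an endpoint can
    move bytes on a long-lived connection opened before the window and
    still raise NEW_CONNECTIONS_BELOW_THRESHOLD.
    """
    violations = []
    if traffic.bytes_processed <= bytes_processed_threshold:
        violations.append(BYTES_PROCESSED_BELOW_THRESHOLD)
    if traffic.new_connections <= new_connections_threshold:
        violations.append(NEW_CONNECTIONS_BELOW_THRESHOLD)
    return violations


def evaluate_all(endpoints: List[EndpointTraffic],
                 bytes_processed_threshold: float = 0,
                 new_connections_threshold: float = 0) -> Dict[str, List[str]]:
    """Map endpoint id -> violations, omitting endpoints that raise none."""
    findings = {}
    for ep in endpoints:
        kinds = evaluate_endpoint(ep, bytes_processed_threshold, new_connections_threshold)
        if kinds:
            findings[ep.endpoint_id] = kinds
    return findings


def fetch_endpoint_traffic(endpoint_id: str, vpc_id: str, service_name: str,
                           inactivity_period_days: int = 30,
                           cloudwatch=None) -> EndpointTraffic:
    """Sum the two PrivateLink metrics from CloudWatch over the period.

    Assumption: the AWS/PrivateLinkEndpoints namespace and its dimension
    names. boto3 is imported lazily so the evaluation above runs offline.
    An endpoint with no datapoints at all is summed as 0, which is the
    usual shape of an endpoint that has never been used.
    """
    import boto3  # assumed available only when querying a real account
    cw = cloudwatch or boto3.client("cloudwatch")
    end = datetime.now(timezone.utc)
    start = end - timedelta(days=inactivity_period_days)
    dimensions = [
        {"Name": "Endpoint Type", "Value": "Interface"},
        {"Name": "Service Name", "Value": service_name},
        {"Name": "VPC Endpoint Id", "Value": endpoint_id},
        {"Name": "VPC Id", "Value": vpc_id},
    ]
    sums = {}
    for metric in ("BytesProcessed", "NewConnections"):
        resp = cw.get_metric_statistics(
            Namespace="AWS/PrivateLinkEndpoints", MetricName=metric,
            Dimensions=dimensions, StartTime=start, EndTime=end,
            Period=86400,  # one datapoint per day keeps well under the 1440-point cap
            Statistics=["Sum"],
        )
        sums[metric] = float(sum(p["Sum"] for p in resp.get("Datapoints", [])))
    return EndpointTraffic(endpoint_id, vpc_id, service_name,
                           sums["BytesProcessed"], sums["NewConnections"])


# Constructed sample (not real account data): 30-day sums for three endpoints.
SAMPLE_TRAFFIC = [
    EndpointTraffic("vpce-0a1b2c3d4e5f60001", "vpc-0123456789abcdef0",
                    "com.amazonaws.us-east-1.ssm", 48_213_904, 1_530),   # in use
    EndpointTraffic("vpce-0a1b2c3d4e5f60002", "vpc-0123456789abcdef0",
                    "com.amazonaws.us-east-1.ecr.api", 0, 0),             # never used
    EndpointTraffic("vpce-0a1b2c3d4e5f60003", "vpc-0123456789abcdef0",
                    "com.amazonaws.us-east-1.kms", 12_480, 0),            # bytes, no new connections
]

if __name__ == "__main__":
    for ep_id, kinds in evaluate_all(SAMPLE_TRAFFIC).items():
        print(ep_id, ", ".join(kinds))
```

With the default thresholds the sample reports the second endpoint for both violation types and the third for NEW_CONNECTIONS_BELOW_THRESHOLD only; raising `bytes_processed_threshold` to 20000 additionally flags the third endpoint's 12,480 bytes. One caveat when acting on findings: an endpoint created inside the inactivity window has had less than the full period to accumulate traffic and will look unused, so confirm its creation time before treating a violation as a removal candidate.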