Traffic Mirror Session

A Traffic Mirror Session in AWS allows you to capture and mirror network traffic from an Elastic Network Interface (ENI) to a target for monitoring and analysis. It defines the source ENI, the target destination (such as a Network Load Balancer or EC2 instance), and optional filters to control which traffic is mirrored. This helps with deep packet inspection, troubleshooting, and security monitoring without impacting the original traffic flow.

aws.ec2_traffic_mirror_session

Fields

| Title | ID | Type | Data Type | Description |
| --- | --- | --- | --- | --- |
| | _key | core | string | |
| | account_id | core | string | |
| | description | core | string | The description of the Traffic Mirror session. |
| | network_interface_id | core | string | The ID of the Traffic Mirror session's network interface. |
| | owner_id | core | string | The ID of the account that owns the Traffic Mirror session. |
| | packet_length | core | int64 | The number of bytes in each packet to mirror. These are the bytes after the VXLAN header. To mirror a subset, set this to the length (in bytes) to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target. Do not specify this parameter when you want to mirror the entire packet. |
| | session_number | core | int64 | The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets. Valid values are 1-32766. |
| | tags | core | hstore | |
| | traffic_mirror_filter_id | core | string | The ID of the Traffic Mirror filter. |
| | traffic_mirror_session_id | core | string | The ID for the Traffic Mirror session. |
| | traffic_mirror_target_id | core | string | The ID of the Traffic Mirror target. |
| | virtual_network_id | core | int64 | The virtual network ID associated with the Traffic Mirror session. |
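
The `session_number` and `packet_length` semantics above can leave silent gaps in capture coverage. The following is an added example, not part of the original page or of any AWS tooling: a Python audit over rows shaped like this table's fields. The sample rows and IDs are constructed, and `audit_sessions` is a hypothetical helper name.

```python
from collections import defaultdict

# Constructed sample rows using this page's field names; all IDs are made up.
SAMPLE_SESSIONS = [
    {"traffic_mirror_session_id": "tms-aaa", "network_interface_id": "eni-001",
     "session_number": 1, "traffic_mirror_filter_id": "tmf-web",
     "traffic_mirror_target_id": "tmt-ids", "packet_length": 100},
    {"traffic_mirror_session_id": "tms-bbb", "network_interface_id": "eni-001",
     "session_number": 5, "traffic_mirror_filter_id": "tmf-web",
     "traffic_mirror_target_id": "tmt-pcap", "packet_length": None},
    {"traffic_mirror_session_id": "tms-ccc", "network_interface_id": "eni-002",
     "session_number": 1, "traffic_mirror_filter_id": "tmf-all",
     "traffic_mirror_target_id": "tmt-pcap", "packet_length": None},
]

def audit_sessions(sessions):
    """Return (session_id, finding) pairs for capture-coverage problems."""
    findings = []
    by_eni = defaultdict(list)
    for s in sessions:
        by_eni[s["network_interface_id"]].append(s)
    for eni, group in by_eni.items():
        # Evaluation follows session_number; 1 is the highest priority.
        group.sort(key=lambda s: s["session_number"])
        first_with_filter = {}
        for s in group:
            sid = s["traffic_mirror_session_id"]
            length = s.get("packet_length")
            if length is not None:
                # Payload past this many bytes never reaches the target.
                findings.append(
                    (sid, f"truncated to first {length} bytes on {eni}"))
            flt = s["traffic_mirror_filter_id"]
            if flt in first_with_filter:
                # Same filter on the same ENI: the earlier session always
                # matches first, so this session never mirrors a packet.
                findings.append(
                    (sid, f"shadowed by {first_with_filter[flt]} on {eni}"))
            else:
                first_with_filter[flt] = sid
    return findings

if __name__ == "__main__":
    for session_id, finding in audit_sessions(SAMPLE_SESSIONS):
        print(session_id, finding)
```

In the constructed data, the full-packet session `tms-bbb` never receives traffic because the truncating session `tms-aaa` uses the same filter and is evaluated first, so the packet-capture target sees nothing from `eni-001`.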