Write a Lambda function to enable VPC flow logs in all regions through boto3. Below are the points required before starting. Please also create a workflow chart and an SOP.
1) Check whether VPC flow logs are enabled in every region. If yes, exit. If not, enable the flow logs, create the log group in CloudWatch and store the logs in an S3 bucket.
2) CloudWatch logs expire after 90 days and are then exported to the S3 bucket.
3) Bucket naming format: storage_bucket_name = account_alias + '-vpclogs' + '-' + region_name
4) The S3 bucket lifecycle configuration will be 3 months online and 9 months offline (archived).
5) I will provide the S3 bucket policy for storing logs.
6) For storing logs there is a limit of 1 export running at a time, so the code must check for this and wait until the current export is finished.
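
An added example, not code from the original request: one way to implement points 1, 2 (retention) and 6 with boto3, using the bucket name format from point 3. The log group name `/vpc/flowlogs`, the `role_arn` event key (an IAM role that lets flow logs write to CloudWatch Logs) and the helper names are assumptions; the bucket is assumed to exist already with the policy from point 5.

```python
import time

LOG_GROUP = '/vpc/flowlogs'  # assumed name, not given on the page

def vpcs_without_flow_logs(ec2):
    """Return the VPC IDs in this client's region that have no flow log."""
    vpc_ids = [v['VpcId'] for v in ec2.describe_vpcs()['Vpcs']]
    if not vpc_ids:
        return []
    found = ec2.describe_flow_logs(Filters=[{'Name': 'resource-id', 'Values': vpc_ids}])
    covered = {f['ResourceId'] for f in found['FlowLogs']}
    return [v for v in vpc_ids if v not in covered]

def enable_flow_logs(ec2, logs, role_arn):
    """Point 1: nothing to do if every VPC is covered, otherwise enable."""
    missing = vpcs_without_flow_logs(ec2)
    if not missing:
        return []
    groups = logs.describe_log_groups(logGroupNamePrefix=LOG_GROUP)['logGroups']
    if not any(g['logGroupName'] == LOG_GROUP for g in groups):
        logs.create_log_group(logGroupName=LOG_GROUP)
    logs.put_retention_policy(logGroupName=LOG_GROUP, retentionInDays=90)  # point 2
    ec2.create_flow_logs(ResourceIds=missing, ResourceType='VPC', TrafficType='ALL',
                         LogGroupName=LOG_GROUP, DeliverLogsPermissionArn=role_arn)
    return missing

def wait_until_no_export(logs, poll=15, timeout=600, sleep=time.sleep):
    """Point 6: wait while an export task is pending or running in this region."""
    waited = 0
    while any(logs.describe_export_tasks(statusCode=s)['exportTasks']
              for s in ('PENDING', 'RUNNING')):
        if waited >= timeout:
            return False  # still busy: the caller must not start another export
        sleep(poll)
        waited += poll
    return True

def start_export(logs, account_alias, region, from_ms, to_ms, **wait):
    if not wait_until_no_export(logs, **wait):
        return None
    bucket = account_alias + '-vpclogs' + '-' + region  # point 3 naming format
    return logs.create_export_task(logGroupName=LOG_GROUP, fromTime=from_ms,
                                   to=to_ms, destination=bucket)['taskId']

def lambda_handler(event, context):
    import boto3  # local import so the helpers above also run against stub clients
    names = [r['RegionName'] for r in boto3.client('ec2').describe_regions()['Regions']]
    return {n: enable_flow_logs(boto3.client('ec2', region_name=n),
                                boto3.client('logs', region_name=n),
                                event['role_arn']) for n in names}
```

A Lambda invocation runs for at most 15 minutes, so the export wait is bounded: `start_export` returns `None` when the running export has not finished within `timeout` seconds, and the export can be retried on the next invocation.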