diff --git a/README.md b/README.md
index ba5a277..da279c1 100644
--- a/README.md
+++ b/README.md
@@ -124,6 +124,7 @@ No modules.
| [subnet\_id](#input\_subnet\_id) | The ID of the subnet to use for scanning compute resources. Must also set `use_existing_subnet` to `true`. | `string` | `""` | no |
| [suffix](#input\_suffix) | A string to be appended to the end of the name of all new resources. | `string` | `""` | no |
| [tags](#input\_tags) | A map/dictionary of Tags to be assigned to created resources | `map(string)` | `{}` | no |
+| [use\_aws\_flow\_log](#input\_use\_aws\_flow\_log) | Whether or not you want to create AWS flow logs for the VPC. | `bool` | `true` | no |
| [use\_existing\_cross\_account\_role](#input\_use\_existing\_cross\_account\_role) | Set this to true to use an existing IAM cross account role | `bool` | `false` | no |
| [use\_existing\_event\_role](#input\_use\_existing\_event\_role) | Set this to true to use an existing IAM event role | `bool` | `false` | no |
| [use\_existing\_execution\_role](#input\_use\_existing\_execution\_role) | Set this to true to use an existing IAM execution role | `bool` | `false` | no |
diff --git a/main.tf b/main.tf
index f580b7b..09c7c72 100644
--- a/main.tf
+++ b/main.tf
@@ -906,7 +906,7 @@ resource "aws_vpc" "agentless_scan_vpc" {
}
resource "aws_flow_log" "agentless_scan_vpc_flow_log" {
- count = var.regional && !var.use_existing_vpc ? 1 : 0
+ count = var.regional && var.use_aws_flow_log && !var.use_existing_vpc ? 1 : 0
vpc_id = local.vpc_id
traffic_type = "REJECT"
diff --git a/variables.tf b/variables.tf
index 72dfbf3..53d5a39 100644
--- a/variables.tf
+++ b/variables.tf
@@ -360,3 +360,9 @@ variable "use_internet_gateway" {
default = true
description = "Whether or not you want to use an 'AWS internet gateway' for internet facing traffic. Only set this to false if you route internet traffic using a different approach."
}
+
+variable "use_aws_flow_log" {
+ type = bool
+ default = true
+ description = "Whether or not you want to create AWS flow logs for the VPC."
+}