diff -u b/modules/cloud_service_providers/aws_cloud/config/install/field.field.cloud_config.aws_ec2.field_log_destination.yml b/modules/cloud_service_providers/aws_cloud/config/install/field.field.cloud_config.aws_ec2.field_log_destination.yml
--- b/modules/cloud_service_providers/aws_cloud/config/install/field.field.cloud_config.aws_ec2.field_log_destination.yml
+++ b/modules/cloud_service_providers/aws_cloud/config/install/field.field.cloud_config.aws_ec2.field_log_destination.yml
@@ -9,7 +9,7 @@
 entity_type: cloud_config
 bundle: aws_ec2
 label: 'S3 Bucket ARN'
-description: 'Specifies the destination to which the flow log data is to be published.'
+description: 'Specifies the destination to which the flow log data is to be published. The action logs:CreateLogDelivery need to be permitted.'
 required: false
 translatable: false
 default_value: { }
diff -u b/modules/cloud_service_providers/aws_cloud/src/Plugin/AwsCloudServerTemplatePlugin.php b/modules/cloud_service_providers/aws_cloud/src/Plugin/AwsCloudServerTemplatePlugin.php
--- b/modules/cloud_service_providers/aws_cloud/src/Plugin/AwsCloudServerTemplatePlugin.php
+++ b/modules/cloud_service_providers/aws_cloud/src/Plugin/AwsCloudServerTemplatePlugin.php
@@ -694,7 +694,7 @@
 */
 private function createFlowLog($vpc_id) {
 // Check whether there is a flow log for the vpc.
- $params['Filters'] = [
+ $params['Filter'] = [
 [
 'Name' => 'resource-id',
 'Values' => [$vpc_id],
@@ -734,7 +734,14 @@
 }
 }
- $this->awsEc2Service->createFlowLogs($params);
+ $result = $this->awsEc2Service->createFlowLogs($params);
+ if (empty($result['FlowLogIds'])) {
+ $error = $result['Unsuccessful'][0]['Error']['Message'];
+ $this->messenger->addWarning($this->t(
+ 'Failed to create a flow log because @error.',
+ ['@error' => $error]
+ ));
+ }
 }
 }
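Review bot: The sentence added to `description` does not say which identity needs `logs:CreateLogDelivery`, and "need" should read "needs". Presumably it is the IAM user or role whose credentials this cloud service provider uses to create the flow log; naming it lets an administrator grant that single action to the right principal instead of widening a policy by trial and error. Suggested wording for the second sentence: `The IAM identity used by this cloud service provider needs permission for the action logs:CreateLogDelivery.`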
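Review bot: The switch to the singular `Filter` key in createFlowLog() deserves a one-line comment, because most EC2 describe calls take `Filters` and a later cleanup could easily "correct" it back. Assuming this array is passed to DescribeFlowLogs (the call itself is outside the hunk), something like `// DescribeFlowLogs expects the singular 'Filter' key, unlike most EC2 describe calls.` above the assignment would do. With the old key the lookup was presumably not scoped to `$vpc_id`, so a test covering a VPC that already has a flow log would guard against regression. The function body continues below this hunk.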
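Review bot: `$result['Unsuccessful'][0]['Error']['Message']` is read without checking that it exists, so if `createFlowLogs()` returns nothing usable (for example a NULL from the service wrapper after a caught exception, which is not visible here) the user gets a PHP notice and a message ending in "because ." A fallback such as `$error = $result['Unsuccessful'][0]['Error']['Message'] ?? $this->t('of an unknown error');` avoids that. Since a failed call leaves the VPC without traffic logging, the failure should probably also be written to the site log, not only shown as a one-time messenger warning, so that the gap can be audited later. The enclosing function starts outside this hunk.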