diff --git a/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts b/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts
index fdc4a06ad2227..8dec584d53239 100644
--- a/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts
+++ b/packages/@aws-cdk/aws-ec2/lib/vpc-flow-logs.ts
@@ -285,6 +285,14 @@ export interface FlowLogOptions {
    * @default FlowLogDestinationType.toCloudWatchLogs()
    */
   readonly destination?: FlowLogDestination;
+
+  /**
+   * The fields to include in the flow log record, in the order in which they should appear.
+   * See https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records
+   *
+   * @default - No custom log format options provided.
+   */
+  readonly logFormat?: string;
 }
 
 /**
@@ -396,6 +404,9 @@ export class FlowLog extends FlowLogBase {
         ? props.trafficType
         : FlowLogTrafficType.ALL,
       logDestination,
+      logFormat: props.logFormat
+        ? props.logFormat
+        : undefined,
     });
 
     this.flowLogId = flowLog.ref;
diff --git a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.test.ts b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.test.ts
index 956632bf1a0a5..ce937d90491b4 100644
--- a/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.test.ts
+++ b/packages/@aws-cdk/aws-ec2/test/vpc-flow-logs.test.ts
@@ -170,6 +170,31 @@ describe('vpc flow logs', () => {
       );
 
   });
+  test('with custom log format set, it successfully creates with cloudwatch log destination', () => {
+    const stack = getTestStack();
+
+    new FlowLog(stack, 'FlowLogs', {
+      resourceType: FlowLogResourceType.fromNetworkInterfaceId('eni-123455'),
+      logFormat: '${srcport} ${dstport}',
+    });
+
+    expect(stack).toHaveResource('AWS::EC2::FlowLog', {
+      ResourceType: 'NetworkInterface',
+      TrafficType: 'ALL',
+      ResourceId: 'eni-123455',
+      DeliverLogsPermissionArn: {
+        'Fn::GetAtt': ['FlowLogsIAMRoleF18F4209', 'Arn'],
+      },
+      LogFormat: '${srcport} ${dstport}',
+      LogGroupName: {
+        Ref: 'FlowLogsLogGroup9853A85F',
+      },
+    });
+
+    expect(stack).toCountResources('AWS::Logs::LogGroup', 1);
+    expect(stack).toCountResources('AWS::IAM::Role', 1);
+    expect(stack).not.toHaveResource('AWS::S3::Bucket');
+  });
 });
 
 function getTestStack(): Stack {