Hi friends, I need to make a change to our default SG attached to the VPC. Is there some monitoring tool available to us that I can use to see what impact the change is having?
Thanks for that documentation link. I did come across 1 or 2 of these in my search yesterday, such as the VPC flow logs.
I'm working on achieving the security requirement [EC2.2] VPC default security groups should not allow inbound or outbound traffic
https://docs.aws.amazon.com/securityhub/latest/userguide/ec2-controls.html#ec2-2
I guess I'm looking for some monitoring tool that can help us identify connections associated with a particular SG. But I don't believe SGs themselves have any logging.