Monitor security group changes using CloudWatch Events and SNS
Let's say you have an EC2 instance with a security group attached to it.
By default nobody is notified when that security group is modified. CloudTrail records who made each API call, but unless you build monitoring on top of CloudTrail, AWS Config or CloudWatch, you only discover the change when you go looking for it, often long after the fact.
So in this guide we are going to set up monitoring for security groups: whenever a change is made to the security group, the CloudTrail record of the API call triggers a CloudWatch Events rule, and the rule publishes to an SNS topic that alerts us on a channel such as email or SMS. Because the rule matches events delivered by CloudTrail, CloudTrail must be enabled in the Region where the security group lives.
Services Used
CloudWatch Events (fed by CloudTrail, which must be enabled in the Region)
SNS
Step 1: Create an SNS topic with a subscriber
First we need to create an SNS topic and add a subscriber to it. When the CloudWatch Events rule matches a security group API call, for example RevokeSecurityGroupIngress, it publishes to the topic and SNS delivers the message to every confirmed subscriber. Two things that are easy to miss: an email subscription stays pending until the recipient clicks the confirmation link SNS sends, and the topic's access policy must allow the events.amazonaws.com service principal to publish (the console adds this permission when you pick the topic as a rule target; the CLI and SDKs do not).
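The whole pipeline described above, as an added example that is not code from the original post: a Python script that defines the CloudWatch Events pattern for the EC2 calls that mutate a security group, checks that pattern offline against constructed sample CloudTrail events (a simplified form of the matching a rule performs), builds the SNS topic policy that lets events.amazonaws.com publish, and in deploy() wires everything up with boto3. The topic name, rule name, Region, account ID, security group ID and email address are placeholders I chose; the boto3 calls are the standard SNS and CloudWatch Events APIs.

```python
# CloudTrail -> CloudWatch Events rule -> SNS topic, for security group changes.
import json

# Event pattern for the rule. CloudTrail hands API calls to CloudWatch Events
# with detail-type "AWS API Call via CloudTrail". Read-only calls such as
# DescribeSecurityGroups are deliberately absent so they never page anyone.
SG_CHANGE_PATTERN = {
    "source": ["aws.ec2"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["ec2.amazonaws.com"],
        "eventName": ["CreateSecurityGroup", "DeleteSecurityGroup",
                      "AuthorizeSecurityGroupIngress", "AuthorizeSecurityGroupEgress",
                      "RevokeSecurityGroupIngress", "RevokeSecurityGroupEgress",
                      "ModifySecurityGroupRules"],
    },
}


def matches(pattern, event):
    """Simplified CloudWatch Events matching: every key in the pattern must be
    present in the event, a list means "the value is one of these" (exact
    string match), and a nested dict recurses. Prefix, anything-but and
    numeric matchers are not modelled here."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        elif actual not in expected:
            return False
    return True


def matching_events(events, pattern=SG_CHANGE_PATTERN):
    """Return the events the rule would forward to the SNS topic."""
    return [e for e in events if matches(pattern, e)]


def topic_policy(topic_arn):
    """Resource policy letting CloudWatch Events publish to the topic. The
    console adds this when you pick an SNS target; CLI/SDK users must."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowCloudWatchEventsPublish",
            "Effect": "Allow",
            "Principal": {"Service": "events.amazonaws.com"},
            "Action": "sns:Publish",
            "Resource": topic_arn,
        }],
    }


def api_call(name, **detail):
    """Constructed CloudTrail-style event, trimmed to the fields the pattern reads."""
    return {"source": "aws.ec2", "detail-type": "AWS API Call via CloudTrail",
            "detail": {"eventSource": "ec2.amazonaws.com", "eventName": name, **detail}}


# Constructed sample events; account, ARN and IDs are placeholders.
SAMPLE_EVENTS = [
    api_call("AuthorizeSecurityGroupIngress",  # rule change: must alert
             userIdentity={"arn": "arn:aws:iam::123456789012:user/alice"},
             requestParameters={"groupId": "sg-0123456789abcdef0"}),
    api_call("DescribeSecurityGroups"),        # read-only: must not alert
    {"source": "aws.ec2", "detail-type": "EC2 Instance State-change Notification",
     "detail": {"instance-id": "i-0123456789abcdef0", "state": "running"}},  # not an API call
]


def deploy(email, region="us-east-1", topic_name="sg-changes",
           rule_name="sg-change-alert"):
    """Create the topic, subscribe an email address, attach the rule.
    boto3 is imported here so the offline checks above run without it."""
    import boto3
    sns = boto3.client("sns", region_name=region)
    events = boto3.client("events", region_name=region)
    topic_arn = sns.create_topic(Name=topic_name)["TopicArn"]
    # Stays "PendingConfirmation" until the recipient clicks the link SNS sends.
    sns.subscribe(TopicArn=topic_arn, Protocol="email", Endpoint=email)
    sns.set_topic_attributes(TopicArn=topic_arn, AttributeName="Policy",
                             AttributeValue=json.dumps(topic_policy(topic_arn)))
    events.put_rule(Name=rule_name, State="ENABLED",
                    EventPattern=json.dumps(SG_CHANGE_PATTERN))
    events.put_targets(Rule=rule_name, Targets=[{"Id": "sns", "Arn": topic_arn}])
    return topic_arn
```

Run `matching_events(SAMPLE_EVENTS)` to see that only the AuthorizeSecurityGroupIngress call would alert; with AWS credentials in place, `deploy("you@example.com")` creates the topic, subscription and rule in one go. Note that setting the Policy attribute replaces the topic's whole access policy, so if anything else needs to publish to the topic, add its statement alongside the one for events.amazonaws.com.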