Security auditing
AWS offers some good tools to help you keep your security policies in shape. These provide detailed audit reports, including advice on how to improve any potential risk areas. In addition, you can configure service logs to get a better understanding of what goes on within your deployment or AWS account as a whole.
VPC Flow Logs
This service lets you capture information about the network traffic flowing through a VPC. The generated logs (unfortunately not quite real-time yet) contain source/destination port, source/destination address, protocol and other related details (for a full list, see http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-log-records). Apart from making for some pretty cool graphs to help ...