Situation
An alert is required to track any changes to Security Groups made by users other than the administrator.
Resolution
Create an SNS Topic
Configure SNS Subscription
Create a subscription with the protocol set to email.
A confirmation email will be sent to the provided address — click "Confirm" in the email to complete the subscription process.
Create an Event Rule for Security Group Changes
EventBridge > Events > Rules > Create Rule
Event Pattern > Use a predefined pattern provided by the service.
Service Provider : AWS
Service Name : EC2
Event Type : AWS API Call via CloudTrail
Specific Operations : Add AuthorizeSecurityGroupIngress, AuthorizeSecurityGroupEgress, RevokeSecurityGroupIngress, RevokeSecurityGroupEgress, CreateSecurityGroup, DeleteSecurityGroup
Link the created SNS topic as the event rule's target.
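
The rule above written as a JSON event pattern that can be used as a custom pattern, as an added example that is not part of the original page. The `anything-but` filter on `userIdentity.arn` and the placeholder ARN `arn:aws:iam::111122223333:user/admin` are assumptions added to cover the requirement of ignoring the administrator's own changes; `matches` is a simplified local matcher for checking the pattern against constructed events, not EventBridge itself.

```python
import json

# Operations listed in the rule above.
SG_OPERATIONS = [
    "AuthorizeSecurityGroupIngress", "AuthorizeSecurityGroupEgress",
    "RevokeSecurityGroupIngress", "RevokeSecurityGroupEgress",
    "CreateSecurityGroup", "DeleteSecurityGroup",
]
# Assumption: placeholder ARN for the administrator whose changes are ignored.
ADMIN_ARN = "arn:aws:iam::111122223333:user/admin"

def build_pattern(exclude_arns=()):
    """Event pattern for the rule; optionally skip events from exclude_arns."""
    detail = {"eventSource": ["ec2.amazonaws.com"], "eventName": SG_OPERATIONS}
    if exclude_arns:
        detail["userIdentity"] = {"arn": [{"anything-but": list(exclude_arns)}]}
    return {"source": ["aws.ec2"],
            "detail-type": ["AWS API Call via CloudTrail"],
            "detail": detail}

def matches(pattern, event):
    """Local check covering only exact-value lists and anything-but."""
    for key, rule in pattern.items():
        if key not in event:
            return False  # a missing field never satisfies a value rule
        value = event[key]
        if isinstance(rule, dict):  # nested object: recurse into it
            if not isinstance(value, dict) or not matches(rule, value):
                return False
            continue
        ok = False
        for cond in rule:  # a list of alternatives: any one may match
            if isinstance(cond, dict):
                ok = ok or value not in cond["anything-but"]
            else:
                ok = ok or value == cond
        if not ok:
            return False
    return True

def sample_event(name, arn):
    """Constructed event, trimmed to the fields the pattern inspects."""
    return {"source": "aws.ec2", "detail-type": "AWS API Call via CloudTrail",
            "detail": {"eventSource": "ec2.amazonaws.com", "eventName": name,
                       "userIdentity": {"arn": arn}}}

if __name__ == "__main__":
    print(json.dumps(build_pattern([ADMIN_ARN]), indent=2))
```

If the administrator works through an assumed role, `userIdentity.arn` carries the session ARN, so the excluded value has to match that form.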