This event detects a security group permissions change and deletion of a security group.
Why this Event is Important
A security group is one of the mechanisms to use to limit unauthorized users from accessing certain resources in AWS. For example, this event triggers if a security group was changed to allow access to a particular resource from anywhere as opposed to any particular IP.
Validate that the security group provides access to only those individuals/services that need access. Check who made the last change to the security group and validate if there was a business justification for that change.
Ensure that all the rules in the security group are required.