VPC Flow Logs allows you to capture metadata about the traffic flowing into and out of network interfaces within a VPC.
Amazon CloudTrail
CloudTrail is a governance, compliance, risk management, and auditing service that records account activity within an AWS account. Any actions taken by users, roles, or AWS services are recorded by the service. Activity is recorded as a CloudTrail event, and by default you can view the last 90 days of activity via event history.
Amazon CloudWatch
CloudWatch is a service that provides near real-time monitoring of AWS products. In essence, it’s a metrics repository. You can import custom metric data in real time from some AWS services and on-premises platforms.