Customers can now replicate the network traffic from an EC2 instance within their Amazon Virtual Private Cloud (Amazon VPC) and forward that traffic to security and monitoring appliances for use cases such as content inspection, threat monitoring, and troubleshooting. These appliances can be deployed on an individual Amazon EC2 instance or a fleet of instances behind a Network Load Balancer (NLB) with a User Datagram Protocol (UDP) listener. Amazon VPC traffic mirroring also supports traffic filtering and packet truncation, allowing customers to extract only traffic they are interested in monitoring.

from Recent Announcements https://aws.amazon.com/about-aws/whats-new/2019/06/announcing-amazon-vpc-traffic-mirroring-for-amazon-ec2-instances/