I am looking into AWF WAF & Shield standard option - see below screenshot:
It says it's already activated.
What does it mean for it to be 'activated'? It says it does network flow monitoring. Is there a network report that I can see / analyze?
Thanks!
My best guess is that AWS Shield Standard is automatically activated by AWS to protect their own infrastructure.
They may also want to protect against billing defaults, e.g. there is a risk that a DDoS attack generates a high amount of service costs that cannot be recovered from a private individual or small business. The "AWS Shared Responsibility" could become a legal gray zone when it comes to determine who should bear the costs of a DDoS.
The reason it is activated would be mainly out of self-interest of AWS. That is why there is protection but you don't have access to any reporting as it would increase costs for AWS to provide you that reporting.
See the feature comparison (Standard vs. Advanced):
