QUESTION

How can I check if a source or a destination address is within one of the listed AWS CIDR blocks?

ANSWER

To accomplish this, you can use a lookup table. An example of this can be found in the documentation section "Example using CIDR matching through Panther Console". 

You'll also find a suggested detection that can alert you if any VPC traffic comes from a source IP address outside of your company's allowed CIDR blocks.