LoFP
/
aws federated account
Title
Tags
updating a saml provider or creating a new one may not necessarily be malicious however it needs to be closely monitored.
t1078
aws federated account
splunk