LoFP / legitimate users may encounter multiple failures during permission testing, role transitions, or when service permissions are being reconfigured. high volumes of api errors may also occur during automated processes with misconfigured iam policies or when new bedrock features are being explored through api testing.

Techniques

• T1580

Sample rules

AWS Bedrock High Number List Foundation Model Failures

• source: splunk
• technicques:
  • T1580

Description

The following analytic identifies an high number of AccessDenied attempts to list AWS Bedrock foundation models. It leverages AWS CloudTrail logs to detect when a user or service experiences multiple failures when calling the ListFoundationModels API. This activity is significant as it may indicate an adversary performing reconnaissance of available AI models after compromising credentials with limited permissions. Repeated failures could suggest brute force attempts to enumerate accessible resources or misconfigured access controls. If confirmed malicious, this could represent early-stage reconnaissance before attempting to access or manipulate Bedrock models or knowledge bases.

Detection logic

`cloudtrail` eventSource=bedrock.amazonaws.com eventName=ListFoundationModels errorCode=AccessDenied  
| rename user_name as user  
| stats count min(_time) as firstTime max(_time) as lastTime values(errorCode) as errorCodes values(errorMessage) as errorMessages by src user user_agent vendor_account vendor_product dest signature vendor_region 
| where count > 9 
| `security_content_ctime(firstTime)`  
| `security_content_ctime(lastTime)` 
| `aws_bedrock_high_number_list_foundation_model_failures_filter`