AWS Bedrock Foundation Model Access Enabled or Entitlement Granted

Last updated 3 days ago on 2026-06-04
Created 3 days ago on 2026-06-04

About

Identifies when access to an Amazon Bedrock foundation model is enabled at the account level, either by granting a foundation-model entitlement, submitting a use case for model access, or creating a foundation-model agreement (accepting the EULA). These account-level "model access" actions unlock a foundation model so that it can subsequently be invoked. Adversaries or a compromised principal may enable model access to abuse expensive models (LLMjacking), to establish a durable ability to invoke models within the account, or to bypass organizational controls. This activity is distinct from changes to a resource-based model invocation policy and is identified by the Bedrock control-plane API calls that grant model entitlements and agreements.
Tags
Domain: Cloud
Domain: LLM
Data Source: AWS
Data Source: AWS CloudTrail
Data Source: Amazon Web Services
Data Source: Amazon Bedrock
Use Case: Threat Detection
Tactic: Persistence
Language: kuery
Severity
medium
Risk Score
47
MITRE ATT&CK™

Persistence (TA0003)

False Positive Examples
Cloud administrators and machine-learning teams routinely enable model access, submit use cases, and accept model end-user license agreements (EULAs) during account onboarding or when adopting a new foundation model. Verify that the principal, source IP, and user agent are expected and that the change aligns with a known onboarding or provisioning activity before escalating. If this activity is expected and authorized for specific principals, consider adding exceptions for those users or roles.
License
Elastic License v2

Definition

Rule Type
Query (Kibana Query Language)
Integration Pack
Prebuilt Security Detection Rules
Index Patterns
logs-aws.cloudtrail-*
Related Integrations

aws

Query
data_stream.dataset: "aws.cloudtrail"
  and event.provider: "bedrock.amazonaws.com"
  and event.action: (
    "PutFoundationModelEntitlement" or
    "PutUseCaseForModelAccess" or
    "CreateFoundationModelAgreement"
  )
  and event.outcome: "success"
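
The same match logic applied to raw CloudTrail records, followed by the principal, source IP and user agent check from the false-positive guidance. This is an added example, not code from the rule or from Elastic. The field mapping, function names, ARNs and sample records are assumptions constructed for illustration.

```python
# Added example with constructed data; not code from the rule's authors.
MODEL_ACCESS_ACTIONS = {"PutFoundationModelEntitlement",
                        "PutUseCaseForModelAccess",
                        "CreateFoundationModelAgreement"}

def matches_rule(record):
    # Assumed mapping: eventSource -> event.provider, eventName -> event.action,
    # no errorCode -> event.outcome "success".
    return (record.get("eventSource") == "bedrock.amazonaws.com"
            and record.get("eventName") in MODEL_ACCESS_ACTIONS
            and not record.get("errorCode"))

def principal_arn(record):
    # For assumed-role sessions use the issuing role's ARN, so one exception
    # covers every session of that role; otherwise use the caller's ARN.
    identity = record.get("userIdentity", {})
    issuer = identity.get("sessionContext", {}).get("sessionIssuer", {})
    return issuer.get("arn") or identity.get("arn", "unknown")

def triage(records, expected_principals=frozenset()):
    # One finding per match, with the principal, source IP and user agent
    # that the false-positive guidance says to verify.
    findings = []
    for rec in filter(matches_rule, records):
        arn = principal_arn(rec)
        findings.append({"action": rec["eventName"], "principal": arn,
                         "source_ip": rec.get("sourceIPAddress"),
                         "user_agent": rec.get("userAgent"),
                         "expected": arn in expected_principals})
    return findings

ROLE = "arn:aws:iam::111122223333:role/ml-onboarding"  # constructed
USER = "arn:aws:iam::111122223333:user/build-agent"    # constructed
SESSION = "arn:aws:sts::111122223333:assumed-role/ml-onboarding/alice"
SRC = "bedrock.amazonaws.com"
SAMPLE_RECORDS = [  # constructed CloudTrail records, trimmed to the fields used
    {"eventSource": SRC, "eventName": "PutFoundationModelEntitlement",
     "sourceIPAddress": "198.51.100.10", "userAgent": "console-session",
     "userIdentity": {"arn": SESSION,
                      "sessionContext": {"sessionIssuer": {"arn": ROLE}}}},
    {"eventSource": SRC, "eventName": "CreateFoundationModelAgreement",
     "sourceIPAddress": "203.0.113.7", "userAgent": "sdk-client",
     "userIdentity": {"arn": USER}},
    {"eventSource": SRC, "eventName": "PutUseCaseForModelAccess",
     "errorCode": "AccessDenied", "userIdentity": {"arn": USER}},
    {"eventSource": SRC, "eventName": "ListFoundationModels",
     "userIdentity": {"arn": USER}},
]
```

Calling triage(SAMPLE_RECORDS, expected_principals={ROLE}) returns two findings: the onboarding role's entitlement change marked expected, and the agreement created by the other principal left for review.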

Install detection rules in Elastic Security

Detect AWS Bedrock Foundation Model Access Enabled or Entitlement Granted in the Elastic Security detection engine by installing this rule into your Elastic Stack.

To set up this rule, check out the installation guide for Prebuilt Security Detection Rules.