- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
Detect when an IAM Roles Anywhere trust anchor is created.
This rule monitors CloudTrail logs for CreateTrustAnchor
API calls. An attacker may attempt to establish persistence by creating an IAM Roles Anywhere trust anchor. The IAM Roles Anywhere service allows workloads that do not run in AWS to assume roles by presenting a client-side X.509 certificate signed by a trusted certificate authority, called a “trust anchor”.
{{@evt.name}}
should have been performed by the user: {{@userIdentity.arn}}
: