Suspicious activity

Anomaly detection: Unusual amount of access denied responses by a role assumed from another account



Unlike in the past, the role was assumed by an identity from external cloud account which resulted in access denied responses. Those findings might indicate on a malicious usage of the role permissions.
  • Recommended Mitigation

    It is recommended to review the relevant CloudTrail events and principals that issued this API calls.