IAM Entity Created Without CloudFormation

Panther Rules

Summary
The rule 'IAM Entity Created Without CloudFormation' detects the manual creation of IAM entities (groups, policies, roles, or users) outside of a configuration management tool such as AWS CloudFormation. Manual creation is discouraged: it poses a security risk through potential unauthorized access, and it makes permissions hard to track consistently. The rule uses AWS CloudTrail logging to identify IAM entity creation events that were not performed through CloudFormation, so that permissions and roles can be managed uniformly. The summary attributes for this rule are 'userAgent', 'sourceIpAddress', and 'recipientAccountId', which give context for the logged events. The detection is classified as medium severity, reflecting the need for configuration management of AWS resources to maintain security compliance.
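As an added illustration of the detection logic the summary describes (this is not Panther's rule code), the following Python applies the check to constructed CloudTrail records. It assumes CloudTrail's `userIdentity.invokedBy` field carries the principal of the AWS service that made the call, which for CloudFormation is `cloudformation.amazonaws.com`, and it uses raw CloudTrail field casing (`sourceIPAddress`).

```python
# Added example: flag IAM Create* calls in CloudTrail that CloudFormation did not make.
# Assumption: service-initiated calls carry userIdentity.invokedBy = "<service>.amazonaws.com".
IAM_CREATE_EVENTS = {"CreateGroup", "CreatePolicy", "CreateRole", "CreateUser"}
CFN_PRINCIPAL = "cloudformation.amazonaws.com"
SUMMARY_ATTRIBUTES = ("userAgent", "sourceIPAddress", "recipientAccountId")


def created_outside_cloudformation(event: dict) -> bool:
    """True for a successful IAM entity creation not invoked by CloudFormation."""
    if event.get("eventSource") != "iam.amazonaws.com":
        return False
    if event.get("eventName") not in IAM_CREATE_EVENTS:
        return False
    if event.get("errorCode"):  # denied or failed calls created nothing
        return False
    identity = event.get("userIdentity") or {}
    return identity.get("invokedBy") != CFN_PRINCIPAL


def alert_context(event: dict) -> dict:
    """Attributes attached to an alert, mirroring the rule's summary attributes."""
    return {key: event.get(key) for key in SUMMARY_ATTRIBUTES}


def scan(events: list) -> list:
    """Return the eventIDs of all records that trigger the detection."""
    return [e["eventID"] for e in events if created_outside_cloudformation(e)]


# Constructed sample records (not real CloudTrail data; IDs and IPs are placeholders).
SAMPLE_EVENTS = [
    {"eventID": "evt-console-user", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateUser", "recipientAccountId": "111111111111",
     "sourceIPAddress": "203.0.113.10", "userAgent": "console.amazonaws.com",
     "userIdentity": {"type": "IAMUser", "userName": "alice"}},
    {"eventID": "evt-cfn-role", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateRole", "recipientAccountId": "111111111111",
     "sourceIPAddress": "cloudformation.amazonaws.com",
     "userAgent": "cloudformation.amazonaws.com",
     "userIdentity": {"type": "AssumedRole", "invokedBy": CFN_PRINCIPAL}},
    {"eventID": "evt-denied-policy", "eventSource": "iam.amazonaws.com",
     "eventName": "CreatePolicy", "errorCode": "AccessDenied",
     "recipientAccountId": "111111111111", "sourceIPAddress": "198.51.100.7",
     "userAgent": "aws-cli/2.0", "userIdentity": {"type": "IAMUser"}},
    {"eventID": "evt-s3-bucket", "eventSource": "s3.amazonaws.com",
     "eventName": "CreateBucket", "recipientAccountId": "111111111111",
     "userIdentity": {"type": "IAMUser"}},
]

if __name__ == "__main__":
    for event_id in scan(SAMPLE_EVENTS):
        print("ALERT", event_id, alert_context(next(e for e in SAMPLE_EVENTS if e["eventID"] == event_id)))
```

Only the console-driven CreateUser record is flagged; the CloudFormation-invoked CreateRole, the denied CreatePolicy, and the non-IAM event are ignored.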
Categories
  • Cloud
  • AWS
  • Identity Management
Data Sources
  • Cloud Service
  • Cloud Storage
  • Application Log
ATT&CK Techniques
  • T1136
Created: 2022-09-02