This rule detects instances of high-confidence 'BLOCKED' actions in Amazon Bedrock where specific content filter violations linked to ethical concerns are observed. These violations include codes for misconduct (e.g., HATE, SEXUAL, INSULTS, PROMPT_ATTACK, and VIOLENCE), indicating potential persistent misuse of generative AI models or attempts to probe ethical limits. The logic checks for entries from logs related to AWS Bedrock invocations, focusing on actions deemed highly confident and subsequently blocked, which may warrant further investigation into user behavior. The rule operates on a 10-minute interval, aggregating violations to flag user accounts exceeding thresholds for content policy infractions.