heroui logo

AWS Bedrock Model Prompt or Completion Containing Credentials

Elastic Detection Rules

View Source
Summary
Detects live credentials in AWS Bedrock model invocations by inspecting the decoded prompt and completion for credential patterns. Specifically, it searches for AWS access key IDs (AKIA or ASIA) followed by 16 characters, an Amazon Bedrock API key (ABSK bearer token), or a PEM private-key block. A credential in the prompt indicates secrets being sent to the model (and could be logged or exposed to the provider); a credential in the completion indicates the model returning secrets (possible leakage via training data, poisoned context, or prompt-injection). The rule applies to Bedrock invocation logs ingested via the Elastic AWS Bedrock integration, scanning both prompt and completion fields. It aligns with MITRE ATT&CK T1552 (Unsecured Credentials) under Credential Access. If a live credential is detected, rotate the secret immediately and review the invocation context to identify the caller and application, then implement input/output filtering or guardrails to prevent recurrence.
Categories
  • Cloud
  • AWS
Data Sources
  • Cloud Service
  • Application Log
ATT&CK Techniques
  • T1552
Created: 2026-07-08