Detects AWS Bedrock events where a custom model is imported, deployed, or a marketplace model endpoint is created or registered via CreateModelImportJob, CreateCustomModelDeployment, CreateMarketplaceModelEndpoint, or RegisterMarketplaceModelEndpoint. These actions can introduce a model artifact outside the organization’s trusted training/approval pipeline, enabling a potential supply-chain compromise if the model is backdoored or poisoned. The rule flags successful executions of these API calls to prompt validation of artifact provenance (ownership of the S3 source for imports and whether the marketplace product/ARN is from an approved vendor) and verification that the initiating identity and process originate from trusted pipelines. The detection helps ensure that only vetted models are used for inference.