This detection rule monitors actions related to Amazon Bedrock Guardrails, specifically focusing on updates or deletions. Amazon Bedrock Guardrails are crucial for enforcing safeguards in AI workloads, ensuring compliance with responsible AI policies. When a guardrail is updated or deleted, it could open up security vulnerabilities, making it essential to detect these changes promptly. The rule specifically looks for events logged by AWS CloudTrail that indicate either an update (UpdateGuardrail) or deletion (DeleteGuardrail) of a guardrail. It flags actions that could indicate an unauthorized change to these critical components of AI operations, and it demands investigation whenever such changes are reported.