Multi-Account AI/ML Security Assessment Report

Security Checks

Evaluated per account

Total Findings

198

Across 3 accounts

Actionable Findings

High, Medium, and Low severity

High Severity

0/36

0.0% passed · Immediate action required

Medium Severity

0/35

0.0% passed · Should be addressed

Low Severity
0/2
0.0% passed · Best practices

Priority Recommendations

AmazonBedrockFullAccess role check

Bedrock

Marketplace Subscription Access Check

Bedrock

Bedrock Guardrails Check

Bedrock

Severity Legend

View full methodology

Severity	Meaning	Recommended Action
High	Direct security risk - IAM/access control gaps, missing audit trails, guardrail bypasses that could lead to unauthorized access or data exposure	Remediate within 7 days
Medium	Defense-in-depth gaps - encryption, logging, or configuration issues that reduce security posture	Remediate within 30 days
Low	Best practice deviations - optimization opportunities that improve security hygiene	Remediate within 90 days
Informational	No resources found or advisory recommendations - check does not apply or suggests optional improvements	No action required

All Security Findings

Account ID	Check ID	Finding	Details	Resolution	Severity	Status
`111111111111`	`BR-01`	AmazonBedrockFullAccess role check	Role 'IDPSageMakerCfnStack-SageMakerExecutionRole-aqrHz6dVkoHC' has AmazonBedrockFullAccess policy attached	Limit the AmazonBedrockFullAccess policy only to required access	High	Failed
`111111111111`	`BR-01`	AmazonBedrockFullAccess role check	Role 'LLMEvaluationPromptfoo-SageMakerExecutionRole-M69xCHJ9c3LU' has AmazonBedrockFullAccess policy attached	Limit the AmazonBedrockFullAccess policy only to required access	High	Failed
`111111111111`	`BR-01`	AmazonBedrockFullAccess role check	Role 'myAskMeAnything-role-kmsizqwf' has AmazonBedrockFullAccess policy attached	Limit the AmazonBedrockFullAccess policy only to required access	High	Failed
`111111111111`	`BR-02`	Amazon Bedrock private connectivity not used	No Bedrock service VPC endpoints found in VPCs: vpc-03472be90d65c2f68, vpc-39319f44, vpc-064f3e808e378cbc8, vpc-02d020a365a06c7fe	Create a VPC endpoint in your VPC with any of the following Bedrock service endpoints that your application may be using: - com.amazonaws.region.bedrock - com.amazonaws.region.bedrock-runtime - com.amazonaws.region.bedrock-agent - com.amazonaws.region.bedrock-agent-runtime	Informational	N/A
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'AmazonBedrockAgentCoreSDKRuntime-us-east-1-a6ddf3fc76' has overly permissive marketplace subscription access through policy 'BedrockAgentCoreRuntimeExecutionPolicy-cdk_agent_core'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'AmazonBedrockAgentCoreSDKRuntime-us-east-1-ed660add8b' has overly permissive marketplace subscription access through policy 'BedrockAgentCoreRuntimeExecutionPolicy-neoCyan_Agent'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'AmazonBedrockExecutionRoleForKnowledgeBase_knnc9' has overly permissive marketplace subscription access through policy 'AmazonBedrockFoundationModelPolicyForKnowledgeBase_knnc9'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'AmazonBedrockExecutionRoleForKnowledgeBase_qxqw2' has overly permissive marketplace subscription access through policy 'AmazonBedrockFoundationModelPolicyForKnowledgeBase_qxqw2'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'AmazonSageMaker-ExecutionRole-20250525T153161' has overly permissive marketplace subscription access through policy 'AmazonBedrockLimitedAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'IDPSageMakerCfnStack-SageMakerExecutionRole-aqrHz6dVkoHC' has overly permissive marketplace subscription access through policy 'AmazonBedrockFullAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'LLMEvaluationPromptfoo-SageMakerExecutionRole-M69xCHJ9c3LU' has overly permissive marketplace subscription access through policy 'AmazonBedrockFullAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'myAskMeAnything-role-kmsizqwf' has overly permissive marketplace subscription access through policy 'AmazonBedrockFullAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	User 'BedrockAPIKey-20pp' has overly permissive marketplace subscription access through policy 'AmazonBedrockLimitedAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	User 'BedrockAPIKey-yhc3' has overly permissive marketplace subscription access through policy 'AmazonBedrockLimitedAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	User 'BedrockClientUser' has overly permissive marketplace subscription access through policy 'AmazonBedrockFullAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-04`	Bedrock Model Invocation Logging Check	Model invocation logging is properly configured with delivery to: CloudWatch Logs	No action required	Informational	Passed
`111111111111`	`BR-05`	Bedrock Guardrails Check	No Amazon Bedrock Guardrails are configured. This may expose your application to potential risks such as harmful content, sensitive information disclosure, or hallucinations.	Configure Bedrock Guardrails to implement safeguards such as: - Content filters to block harmful content - Denied topics to prevent undesirable discussions - Sensitive information filters to protect PII - Contextual grounding checks to prevent hallucinations	Medium	Failed
`111111111111`	`BR-06`	Bedrock CloudTrail Logging Check	CloudTrail is not configured to log Amazon Bedrock API calls. This limits your ability to audit and monitor Bedrock usage.	Enable CloudTrail logging for Bedrock by : 1. Configuring an advanced event selector for Bedrock events 2. Enabling management events logging in a multi-region trail	High	Failed
`111111111111`	`BR-07`	Bedrock Prompt Management Check	Prompt Management feature is not being used. This may lead to inconsistent prompt handling and suboptimal model responses.	Implement Prompt Management to: 1. Create and version your prompts 2. Test different prompt variants 3. Share prompts across your organization 4. Maintain consistent prompt templates	Informational	N/A
`111111111111`	`BR-08`	Bedrock Agent IAM Roles Check	No Bedrock agents found in the account	No action required	Informational	N/A
`111111111111`	`BR-10`	Bedrock Guardrail IAM Enforcement Check	No guardrails configured - IAM enforcement check not applicable	Configure Bedrock Guardrails first, then enforce their use via IAM policies	Informational	N/A
`111111111111`	`BR-11`	Bedrock Custom Model Encryption Check	No custom/fine-tuned models found in the account	No action required	Informational	N/A
`111111111111`	`BR-12`	Bedrock Invocation Log Encryption Check	Model invocation logging to S3 is not configured	If logging is enabled to CloudWatch only, ensure CloudWatch log group uses CMK encryption	Informational	N/A
`111111111111`	`BR-13`	Bedrock Flows Guardrails Check	No Bedrock Flows found in the account	No action required	Informational	N/A
`111111111111`	`AC-01`	AgentCore Runtime VPC Configuration	Runtime 'origami_expeditions' (origami_expeditions-TR4jDoHXe8) is not configured with VPC. This exposes the runtime to public internet.	Configure VPC with private subnets and required VPC endpoints (ECR, S3, CloudWatch Logs)	High	Failed
`111111111111`	`AC-01`	AgentCore Runtime VPC Configuration	Runtime 'neoCyan_Agent' (neoCyan_Agent-yAFXSWFaA3) is not configured with VPC. This exposes the runtime to public internet.	Configure VPC with private subnets and required VPC endpoints (ECR, S3, CloudWatch Logs)	High	Failed
`111111111111`	`AC-01`	AgentCore Runtime VPC Configuration	Runtime 'customer_support_agent' (customer_support_agent-ZP4e8z55dP) is not configured with VPC. This exposes the runtime to public internet.	Configure VPC with private subnets and required VPC endpoints (ECR, S3, CloudWatch Logs)	High	Failed
`111111111111`	`AC-01`	AgentCore Runtime VPC Configuration	Runtime 'cdk_agent_core' (cdk_agent_core-7FqFlD86LW) is not configured with VPC. This exposes the runtime to public internet.	Configure VPC with private subnets and required VPC endpoints (ECR, S3, CloudWatch Logs)	High	Failed
`111111111111`	`AC-01`	AgentCore Runtime VPC Configuration	Runtime 'awsapimcpserver' (awsapimcpserver-mJrqgt37GO) is not configured with VPC. This exposes the runtime to public internet.	Configure VPC with private subnets and required VPC endpoints (ECR, S3, CloudWatch Logs)	High	Failed
`111111111111`	`AC-02`	AgentCore IAM Full Access Policy	The following roles have BedrockAgentCoreFullAccess policy: AmazonSageMaker-ExecutionRole-20250525T153161	Replace with least-privilege policies scoped to specific AgentCore resources and actions	High	Failed
`111111111111`	`AC-02`	AgentCore IAM Wildcard Permissions	The following roles have wildcard AgentCore permissions on all resources: agentcore-wildrydes_gateway_role_ab3991f6-role	Scope permissions to specific AgentCore resources using resource ARNs	High	Failed
`111111111111`	`AC-03`	AgentCore Stale Access	The following principals have not accessed AgentCore in 60+ days: role 'AmazonSageMaker-ExecutionRole-20250525T153161' (119 days), role 'AWSServiceRoleForBedrockAgentCoreRuntimeIdentity' (119 days), role 'CustomerSupportAssistantBedrockAgentCoreRole-us-east-1' (119 days)	Review and remove unused AgentCore permissions following least privilege principle	Medium	Failed
`111111111111`	`AC-03`	AgentCore Unused Permissions	The following principals have AgentCore permissions but have never accessed the service: role 'agentcore-wildrydes_gateway_role_ab3991f6-role', role 'AIMLSecurityMemberRole', role 'AmazonBedrockAgentCoreSDKRuntime-us-east-1-a6ddf3fc76', role 'AmazonBedrockAgentCoreSDKRuntime-us-east-1-ed660add8b', role 'aws-api-mcp-server-execution-role', role 'CustomerSupportStackInfra-RuntimeAgentCoreRole-N188nLB5RtLO', role 'IDP-AnalyticsProcessorFunctionRole-H3gwkJtNqrqW', role 'ReSCOAIMLMemberRole'	Review and remove unused AgentCore permissions following least privilege principle	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime CloudWatch Logs	Runtime 'origami_expeditions' (origami_expeditions-TR4jDoHXe8) does not have CloudWatch Logs configured	Enable CloudWatch Logs for monitoring and troubleshooting	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime X-Ray Tracing	Runtime 'origami_expeditions' (origami_expeditions-TR4jDoHXe8) does not have X-Ray tracing enabled	Enable X-Ray tracing for distributed tracing and performance analysis	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime CloudWatch Logs	Runtime 'neoCyan_Agent' (neoCyan_Agent-yAFXSWFaA3) does not have CloudWatch Logs configured	Enable CloudWatch Logs for monitoring and troubleshooting	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime X-Ray Tracing	Runtime 'neoCyan_Agent' (neoCyan_Agent-yAFXSWFaA3) does not have X-Ray tracing enabled	Enable X-Ray tracing for distributed tracing and performance analysis	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime CloudWatch Logs	Runtime 'customer_support_agent' (customer_support_agent-ZP4e8z55dP) does not have CloudWatch Logs configured	Enable CloudWatch Logs for monitoring and troubleshooting	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime X-Ray Tracing	Runtime 'customer_support_agent' (customer_support_agent-ZP4e8z55dP) does not have X-Ray tracing enabled	Enable X-Ray tracing for distributed tracing and performance analysis	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime CloudWatch Logs	Runtime 'cdk_agent_core' (cdk_agent_core-7FqFlD86LW) does not have CloudWatch Logs configured	Enable CloudWatch Logs for monitoring and troubleshooting	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime X-Ray Tracing	Runtime 'cdk_agent_core' (cdk_agent_core-7FqFlD86LW) does not have X-Ray tracing enabled	Enable X-Ray tracing for distributed tracing and performance analysis	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime CloudWatch Logs	Runtime 'awsapimcpserver' (awsapimcpserver-mJrqgt37GO) does not have CloudWatch Logs configured	Enable CloudWatch Logs for monitoring and troubleshooting	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime X-Ray Tracing	Runtime 'awsapimcpserver' (awsapimcpserver-mJrqgt37GO) does not have X-Ray tracing enabled	Enable X-Ray tracing for distributed tracing and performance analysis	Medium	Failed
`111111111111`	`AC-05`	AgentCore ECR Repository AWS-Managed Keys	ECR repository 'bedrock-agentcore-customer_support_agent' uses AWS-managed keys instead of customer-managed KMS keys	Consider using customer-managed KMS keys for better control and audit capabilities	Low	Failed
`111111111111`	`AC-05`	AgentCore ECR Repository AWS-Managed Keys	ECR repository 'bedrock-agentcore-origami_expeditions' uses AWS-managed keys instead of customer-managed KMS keys	Consider using customer-managed KMS keys for better control and audit capabilities	Low	Failed
`111111111111`	`AC-06`	AgentCore Runtime Storage Configuration	Runtime 'origami_expeditions' (origami_expeditions-TR4jDoHXe8) does not have storage configuration for browser tools	Configure S3 storage for browser tool session recordings and artifacts	Medium	Failed
`111111111111`	`AC-06`	AgentCore Runtime Storage Configuration	Runtime 'neoCyan_Agent' (neoCyan_Agent-yAFXSWFaA3) does not have storage configuration for browser tools	Configure S3 storage for browser tool session recordings and artifacts	Medium	Failed
`111111111111`	`AC-06`	AgentCore Runtime Storage Configuration	Runtime 'customer_support_agent' (customer_support_agent-ZP4e8z55dP) does not have storage configuration for browser tools	Configure S3 storage for browser tool session recordings and artifacts	Medium	Failed
`111111111111`	`AC-06`	AgentCore Runtime Storage Configuration	Runtime 'cdk_agent_core' (cdk_agent_core-7FqFlD86LW) does not have storage configuration for browser tools	Configure S3 storage for browser tool session recordings and artifacts	Medium	Failed
`111111111111`	`AC-06`	AgentCore Runtime Storage Configuration	Runtime 'awsapimcpserver' (awsapimcpserver-mJrqgt37GO) does not have storage configuration for browser tools	Configure S3 storage for browser tool session recordings and artifacts	Medium	Failed
`111111111111`	`AC-07`	AgentCore Memory Encryption	Memory 'CustomerSupportMemory-x69jBq5GLp' (CustomerSupportMemory-x69jBq5GLp) does not have customer-managed encryption configured	Enable encryption with customer-managed KMS keys	Medium	Failed
`111111111111`	`AC-07`	AgentCore Memory Encryption	Memory 'cdk_agent_core_mem-uxfIagADuF' (cdk_agent_core_mem-uxfIagADuF) does not have customer-managed encryption configured	Enable encryption with customer-managed KMS keys	Medium	Failed
`111111111111`	`AC-07`	AgentCore Memory Encryption	Memory 'wildrydes_memory_ab3991f6-9FjiHOHjT2' (wildrydes_memory_ab3991f6-9FjiHOHjT2) does not have customer-managed encryption configured	Enable encryption with customer-managed KMS keys	Medium	Failed
`111111111111`	`AC-13`	AgentCore Gateway Configuration Check	No Gateway resources found	No action required	Informational	N/A
`111111111111`	`AC-08`	AgentCore VPC Endpoints Missing	No AgentCore VPC endpoints found in 4 VPCs. AgentCore API traffic traverses public internet, exposing it to interception.	Create VPC interface endpoints for AgentCore services: 1. com.amazonaws.region.bedrock-agentcore 2. com.amazonaws.region.bedrock-agentcore-control 3. com.amazonaws.region.bedrock-agentcore-runtime This enables private connectivity via AWS PrivateLink	High	Failed
`111111111111`	`AC-09`	AgentCore Service-Linked Role Missing	Service-linked role 'AWSServiceRoleForBedrockAgentCoreNetwork' does not exist. VPC configuration for AgentCore Runtimes will fail without this role.	The service-linked role is automatically created when you configure VPC for an AgentCore Runtime. Ensure IAM permissions allow service-linked role creation.	Medium	Failed
`111111111111`	`AC-10`	AgentCore Resource-Based Policies Check	No AgentCore resources found to check for resource-based policies	No action required	Informational	N/A
`111111111111`	`AC-11`	AgentCore Policy Engine Encryption Check	No Policy Engines found	No action required	Informational	N/A
`111111111111`	`AC-12`	AgentCore Gateway Encryption Check	No Gateways found	No action required	Informational	N/A
`111111111111`	`SM-01`	Non-VPC Only Network Access	SageMaker domain 'd-cz8qi7j81si3' (QuickSetupDomain-20250525T153160) is not configured for VPC-only access	Configure the SageMaker domain to use VPC-only network access type	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'AmazonSageMaker-ExecutionRole-20231014T200029' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'AmazonSageMaker-ExecutionRole-20250525T153161' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'AmazonSageMakerServiceCatalogProductsExecutionRole' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'EMR_EC2_DefaultRole' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'IDPSageMakerCfnStack-SageMakerExecutionRole-aqrHz6dVkoHC' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'LLMEvaluationPromptfoo-SageMakerExecutionRole-M69xCHJ9c3LU' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'SageMaker-EMR-ExecutionRole' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SSO Not Properly Configured	SageMaker domain 'd-cz8qi7j81si3' (QuickSetupDomain-20250525T153160) is using authentication mode: IAM	Enable and properly configure AWS IAM Identity Center (successor to AWS SSO) for centralized access management. Ensure Identity Store ID is configured.	Medium	Failed
`111111111111`	`SM-03`	Missing Encryption Configuration	Domain 'QuickSetupDomain-20250525T153160' - No KMS key configured	Configure encryption using AWS KMS customer managed keys for enhanced security	High	Failed
`111111111111`	`SM-03`	Missing VPC Encryption	Domain 'QuickSetupDomain-20250525T153160' - No VPC encryption configuration	Enable encryption for inter-container traffic and VPC communication	Medium	Failed
`111111111111`	`SM-04`	GuardDuty Enabled	Amazon GuardDuty is properly enabled and monitoring for security threats in SageMaker workloads.	No action required	Informational	Passed
`111111111111`	`SM-05`	SageMaker Model Registry Issue	No model package groups found	Implement model versioning using SageMaker Model Registry to track model lineage, approve model versions, and manage model deployment	Medium	Failed
`111111111111`	`SM-05`	SageMaker Feature Store Issue	No feature groups found	Utilize SageMaker Feature Store to create, share, and manage features for machine learning development and production	Informational	N/A
`111111111111`	`SM-05`	SageMaker Pipelines Issue	No ML pipelines found	Implement SageMaker Pipelines to automate and manage ML workflows, including data preparation, training, and model deployment	Informational	N/A
`111111111111`	`SM-06`	SageMaker Clarify No Clarify Usage	No SageMaker Clarify jobs found	Implement SageMaker Clarify for model explainability and bias detection	Informational	N/A
`111111111111`	`SM-07`	SageMaker Model Monitor No Model Monitoring	No Model Monitor schedules found	Configure comprehensive model monitoring schedules	Informational	N/A
`111111111111`	`SM-08`	Model Registry Registry Not Used	Model Registry is not being utilized	Implement proper model versioning and approval workflows	Informational	N/A
`111111111111`	`SM-09`	SageMaker Notebook Root Access Check	No notebook instances found	No action required	Informational	N/A
`111111111111`	`SM-10`	SageMaker Notebook VPC Deployment Check	No notebook instances found	No action required	Informational	N/A
`111111111111`	`SM-11`	SageMaker Model Network Isolation Check	No models found	No action required	Informational	N/A
`111111111111`	`SM-12`	SageMaker Endpoint Instance Count Check	No InService endpoints found	No action required	Informational	N/A
`111111111111`	`SM-13`	SageMaker Monitoring Network Isolation Check	No monitoring schedules found	No action required	Informational	N/A
`111111111111`	`SM-14`	SageMaker Model Repository Access Check	No models found or all use default Platform access	No action required	Informational	N/A
`111111111111`	`SM-15`	SageMaker Feature Store Encryption Check	No feature groups with offline stores found	No action required	Informational	N/A
`111111111111`	`SM-16`	SageMaker Data Quality Job Encryption Check	No data quality job definitions found	No action required	Informational	N/A
`111111111111`	`SM-17`	SageMaker Processing Job Encryption Check	No processing jobs found	No action required	Informational	N/A
`111111111111`	`SM-18`	SageMaker Transform Job Encryption Check	No transform jobs found	No action required	Informational	N/A
`111111111111`	`SM-19`	SageMaker Hyperparameter Tuning Job Encryption Check	No hyperparameter tuning jobs found	No action required	Informational	N/A
`111111111111`	`SM-20`	SageMaker Compilation Job Encryption Check	No compilation jobs found	No action required	Informational	N/A
`111111111111`	`SM-21`	SageMaker AutoML Job Network Isolation Check	No AutoML jobs found	No action required	Informational	N/A
`111111111111`	`SM-22`	Model Approval Workflow Check	No model package groups found. Model Registry is not being used for model governance.	Implement Model Registry to track model versions and enforce approval workflows before production deployment.	Informational	N/A
`111111111111`	`SM-23`	Model Drift Detection Check	No InService endpoints found to monitor.	No action required	Informational	Passed
`111111111111`	`SM-24`	A/B Testing and Shadow Deployment Check	No InService endpoints found.	No action required	Informational	Passed
`111111111111`	`SM-25`	ML Lineage Tracking - Experiments Not Used	No SageMaker Experiments found. ML Lineage tracking through Experiments is not being utilized.	Implement SageMaker Experiments to track ML training runs, hyperparameters, metrics, and model artifacts. This enables reproducibility and auditability.	Informational	N/A
`333333333333`	`BR-01`	AmazonBedrockFullAccess role check	No roles found with AmazonBedrockFullAccess policy	No action required	Informational	N/A
`333333333333`	`BR-02`	Amazon Bedrock private connectivity not used	No Bedrock service VPC endpoints found in VPCs: vpc-0ea3420ee0a2f9109, vpc-0b6d11037270bd579	Create a VPC endpoint in your VPC with any of the following Bedrock service endpoints that your application may be using: - com.amazonaws.region.bedrock - com.amazonaws.region.bedrock-runtime - com.amazonaws.region.bedrock-agent - com.amazonaws.region.bedrock-agent-runtime	Informational	N/A
`333333333333`	`BR-03`	Marketplace Subscription Access Check	No identities found with overly permissive marketplace subscription access	No action required	Informational	N/A
`333333333333`	`BR-04`	Bedrock Model Invocation Logging Check	Model invocation logging is not enabled. This limits your ability to track and audit model usage.	Enable model invocation logging to collect invocation logs, model input data, and model output data. Configure logging to deliver to Amazon S3, CloudWatch Logs, or both for comprehensive monitoring.	Medium	Failed
`333333333333`	`BR-05`	Bedrock Guardrails Check	No Amazon Bedrock Guardrails are configured. This may expose your application to potential risks such as harmful content, sensitive information disclosure, or hallucinations.	Configure Bedrock Guardrails to implement safeguards such as: - Content filters to block harmful content - Denied topics to prevent undesirable discussions - Sensitive information filters to protect PII - Contextual grounding checks to prevent hallucinations	Medium	Failed
`333333333333`	`BR-06`	Bedrock CloudTrail Logging Check	CloudTrail is not configured to log Amazon Bedrock API calls. This limits your ability to audit and monitor Bedrock usage.	Enable CloudTrail logging for Bedrock by : 1. Configuring an advanced event selector for Bedrock events 2. Enabling management events logging in a multi-region trail	High	Failed
`333333333333`	`BR-07`	Bedrock Prompt Management Check	Prompt Management feature is not being used. This may lead to inconsistent prompt handling and suboptimal model responses.	Implement Prompt Management to: 1. Create and version your prompts 2. Test different prompt variants 3. Share prompts across your organization 4. Maintain consistent prompt templates	Informational	N/A
`333333333333`	`BR-08`	Bedrock Agent IAM Roles Check	No Bedrock agents found in the account	No action required	Informational	N/A
`333333333333`	`BR-10`	Bedrock Guardrail IAM Enforcement Check	No guardrails configured - IAM enforcement check not applicable	Configure Bedrock Guardrails first, then enforce their use via IAM policies	Informational	N/A
`333333333333`	`BR-11`	Bedrock Custom Model Encryption Check	No custom/fine-tuned models found in the account	No action required	Informational	N/A
`333333333333`	`BR-12`	Bedrock Invocation Log Encryption Check	Model invocation logging to S3 is not configured	If logging is enabled to CloudWatch only, ensure CloudWatch log group uses CMK encryption	Informational	N/A
`333333333333`	`BR-13`	Bedrock Flows Guardrails Check	No Bedrock Flows found in the account	No action required	Informational	N/A
`333333333333`	`AC-01`	AgentCore VPC Configuration Check	No AgentCore resources found or all resources have proper VPC configuration	No action required	Informational	N/A
`333333333333`	`AC-02`	AgentCore IAM Full Access Check	No roles with overly permissive AgentCore access found	No action required	Informational	N/A
`333333333333`	`AC-03`	AgentCore Unused Permissions	The following principals have AgentCore permissions but have never accessed the service: role 'AIMLSecurityMemberRole', role 'ReSCOAIMLMemberRole'	Review and remove unused AgentCore permissions following least privilege principle	Medium	Failed
`333333333333`	`AC-04`	AgentCore Observability Check	No AgentCore resources found or all resources have proper observability configuration	No action required	Informational	N/A
`333333333333`	`AC-05`	AgentCore Encryption Check	No AgentCore resources found or all resources have proper encryption configuration	No action required	Informational	N/A
`333333333333`	`AC-06`	AgentCore Browser Tool Recording Check	No AgentCore Runtimes found to check browser tool configuration	No action required	Informational	N/A
`333333333333`	`AC-07`	AgentCore Memory Configuration Check	No Memory resources found	No action required	Informational	N/A
`333333333333`	`AC-13`	AgentCore Gateway Configuration Check	No Gateway resources found	No action required	Informational	N/A
`333333333333`	`AC-08`	AgentCore VPC Endpoints Missing	No AgentCore VPC endpoints found in 2 VPCs. AgentCore API traffic traverses public internet, exposing it to interception.	Create VPC interface endpoints for AgentCore services: 1. com.amazonaws.region.bedrock-agentcore 2. com.amazonaws.region.bedrock-agentcore-control 3. com.amazonaws.region.bedrock-agentcore-runtime This enables private connectivity via AWS PrivateLink	High	Failed
`333333333333`	`AC-09`	AgentCore Service-Linked Role Missing	Service-linked role 'AWSServiceRoleForBedrockAgentCoreNetwork' does not exist. VPC configuration for AgentCore Runtimes will fail without this role.	The service-linked role is automatically created when you configure VPC for an AgentCore Runtime. Ensure IAM permissions allow service-linked role creation.	Medium	Failed
`333333333333`	`AC-10`	AgentCore Resource-Based Policies Check	No AgentCore resources found to check for resource-based policies	No action required	Informational	N/A
`333333333333`	`AC-11`	AgentCore Policy Engine Encryption Check	No Policy Engines found	No action required	Informational	N/A
`333333333333`	`AC-12`	AgentCore Gateway Encryption Check	No Gateways found	No action required	Informational	N/A
`333333333333`	`SM-01`	SageMaker Internet Access Check	All SageMaker resources are properly configured to use VPC connectivity	No action required	Informational	Passed
`333333333333`	`SM-02`	SageMaker IAM Permissions Check	No issues found with IAM permissions, SSO is enabled, and no stale access detected	No action required	Informational	Passed
`333333333333`	`SM-03`	Data Protection Check	All resources use appropriate encryption configurations	No action required	Informational	Passed
`333333333333`	`SM-04`	GuardDuty Enabled	Amazon GuardDuty is properly enabled and monitoring for security threats in SageMaker workloads.	No action required	Informational	Passed
`333333333333`	`SM-05`	SageMaker Model Registry Issue	No model package groups found	Implement model versioning using SageMaker Model Registry to track model lineage, approve model versions, and manage model deployment	Medium	Failed
`333333333333`	`SM-05`	SageMaker Feature Store Issue	No feature groups found	Utilize SageMaker Feature Store to create, share, and manage features for machine learning development and production	Informational	N/A
`333333333333`	`SM-05`	SageMaker Pipelines Issue	No ML pipelines found	Implement SageMaker Pipelines to automate and manage ML workflows, including data preparation, training, and model deployment	Informational	N/A
`333333333333`	`SM-06`	SageMaker Clarify No Clarify Usage	No SageMaker Clarify jobs found	Implement SageMaker Clarify for model explainability and bias detection	Informational	N/A
`333333333333`	`SM-07`	SageMaker Model Monitor No Model Monitoring	No Model Monitor schedules found	Configure comprehensive model monitoring schedules	Informational	N/A
`333333333333`	`SM-08`	Model Registry Registry Not Used	Model Registry is not being utilized	Implement proper model versioning and approval workflows	Informational	N/A
`333333333333`	`SM-09`	SageMaker Notebook Root Access Check	No notebook instances found	No action required	Informational	N/A
`333333333333`	`SM-10`	SageMaker Notebook VPC Deployment Check	No notebook instances found	No action required	Informational	N/A
`333333333333`	`SM-11`	SageMaker Model Network Isolation Check	No models found	No action required	Informational	N/A
`333333333333`	`SM-12`	SageMaker Endpoint Instance Count Check	No InService endpoints found	No action required	Informational	N/A
`333333333333`	`SM-13`	SageMaker Monitoring Network Isolation Check	No monitoring schedules found	No action required	Informational	N/A
`333333333333`	`SM-14`	SageMaker Model Repository Access Check	No models found or all use default Platform access	No action required	Informational	N/A
`333333333333`	`SM-15`	SageMaker Feature Store Encryption Check	No feature groups with offline stores found	No action required	Informational	N/A
`333333333333`	`SM-16`	SageMaker Data Quality Job Encryption Check	No data quality job definitions found	No action required	Informational	N/A
`333333333333`	`SM-17`	SageMaker Processing Job Encryption Check	No processing jobs found	No action required	Informational	N/A
`333333333333`	`SM-18`	SageMaker Transform Job Encryption Check	No transform jobs found	No action required	Informational	N/A
`333333333333`	`SM-19`	SageMaker Hyperparameter Tuning Job Encryption Check	No hyperparameter tuning jobs found	No action required	Informational	N/A
`333333333333`	`SM-20`	SageMaker Compilation Job Encryption Check	No compilation jobs found	No action required	Informational	N/A
`333333333333`	`SM-21`	SageMaker AutoML Job Network Isolation Check	No AutoML jobs found	No action required	Informational	N/A
`333333333333`	`SM-22`	Model Approval Workflow Check	No model package groups found. Model Registry is not being used for model governance.	Implement Model Registry to track model versions and enforce approval workflows before production deployment.	Informational	N/A
`333333333333`	`SM-23`	Model Drift Detection Check	No InService endpoints found to monitor.	No action required	Informational	Passed
`333333333333`	`SM-24`	A/B Testing and Shadow Deployment Check	No InService endpoints found.	No action required	Informational	Passed
`333333333333`	`SM-25`	ML Lineage Tracking - Experiments Not Used	No SageMaker Experiments found. ML Lineage tracking through Experiments is not being utilized.	Implement SageMaker Experiments to track ML training runs, hyperparameters, metrics, and model artifacts. This enables reproducibility and auditability.	Informational	N/A
`222222222222`	`AC-01`	AgentCore VPC Configuration Check	No AgentCore resources found or all resources have proper VPC configuration	No action required	Informational	N/A
`222222222222`	`AC-02`	AgentCore IAM Full Access Check	No roles with overly permissive AgentCore access found	No action required	Informational	N/A
`222222222222`	`AC-03`	AgentCore Unused Permissions	The following principals have AgentCore permissions but have never accessed the service: role 'AIMLSecurityMemberRole', role 'ReSCOAIMLMemberRole'	Review and remove unused AgentCore permissions following least privilege principle	Medium	Failed
`222222222222`	`AC-04`	AgentCore Observability Check	No AgentCore resources found or all resources have proper observability configuration	No action required	Informational	N/A
`222222222222`	`AC-05`	AgentCore Encryption Check	No AgentCore resources found or all resources have proper encryption configuration	No action required	Informational	N/A
`222222222222`	`AC-06`	AgentCore Browser Tool Recording Check	No AgentCore Runtimes found to check browser tool configuration	No action required	Informational	N/A
`222222222222`	`AC-07`	AgentCore Memory Configuration Check	No Memory resources found	No action required	Informational	N/A
`222222222222`	`AC-13`	AgentCore Gateway Configuration Check	No Gateway resources found	No action required	Informational	N/A
`222222222222`	`AC-08`	AgentCore VPC Endpoints Missing	No AgentCore VPC endpoints found in 3 VPCs. AgentCore API traffic traverses public internet, exposing it to interception.	Create VPC interface endpoints for AgentCore services: 1. com.amazonaws.region.bedrock-agentcore 2. com.amazonaws.region.bedrock-agentcore-control 3. com.amazonaws.region.bedrock-agentcore-runtime This enables private connectivity via AWS PrivateLink	High	Failed
`222222222222`	`AC-09`	AgentCore Service-Linked Role Missing	Service-linked role 'AWSServiceRoleForBedrockAgentCoreNetwork' does not exist. VPC configuration for AgentCore Runtimes will fail without this role.	The service-linked role is automatically created when you configure VPC for an AgentCore Runtime. Ensure IAM permissions allow service-linked role creation.	Medium	Failed
`222222222222`	`AC-10`	AgentCore Resource-Based Policies Check	No AgentCore resources found to check for resource-based policies	No action required	Informational	N/A
`222222222222`	`AC-11`	AgentCore Policy Engine Encryption Check	No Policy Engines found	No action required	Informational	N/A
`222222222222`	`AC-12`	AgentCore Gateway Encryption Check	No Gateways found	No action required	Informational	N/A
`222222222222`	`SM-01`	SageMaker Internet Access Check	All SageMaker resources are properly configured to use VPC connectivity	No action required	Informational	Passed
`222222222222`	`SM-02`	SageMaker IAM Permissions Check	No issues found with IAM permissions, SSO is enabled, and no stale access detected	No action required	Informational	Passed
`222222222222`	`SM-03`	Data Protection Check	All resources use appropriate encryption configurations	No action required	Informational	Passed
`222222222222`	`SM-04`	GuardDuty Enabled	Amazon GuardDuty is properly enabled and monitoring for security threats in SageMaker workloads.	No action required	Informational	Passed
`222222222222`	`SM-05`	SageMaker Model Registry Issue	No model package groups found	Implement model versioning using SageMaker Model Registry to track model lineage, approve model versions, and manage model deployment	Medium	Failed
`222222222222`	`SM-05`	SageMaker Feature Store Issue	No feature groups found	Utilize SageMaker Feature Store to create, share, and manage features for machine learning development and production	Informational	N/A
`222222222222`	`SM-05`	SageMaker Pipelines Issue	No ML pipelines found	Implement SageMaker Pipelines to automate and manage ML workflows, including data preparation, training, and model deployment	Informational	N/A
`222222222222`	`SM-06`	SageMaker Clarify No Clarify Usage	No SageMaker Clarify jobs found	Implement SageMaker Clarify for model explainability and bias detection	Informational	N/A
`222222222222`	`SM-07`	SageMaker Model Monitor No Model Monitoring	No Model Monitor schedules found	Configure comprehensive model monitoring schedules	Informational	N/A
`222222222222`	`SM-08`	Model Registry Registry Not Used	Model Registry is not being utilized	Implement proper model versioning and approval workflows	Informational	N/A
`222222222222`	`SM-09`	SageMaker Notebook Root Access Check	No notebook instances found	No action required	Informational	N/A
`222222222222`	`SM-10`	SageMaker Notebook VPC Deployment Check	No notebook instances found	No action required	Informational	N/A
`222222222222`	`SM-11`	SageMaker Model Network Isolation Check	No models found	No action required	Informational	N/A
`222222222222`	`SM-12`	SageMaker Endpoint Instance Count Check	No InService endpoints found	No action required	Informational	N/A
`222222222222`	`SM-13`	SageMaker Monitoring Network Isolation Check	No monitoring schedules found	No action required	Informational	N/A
`222222222222`	`SM-14`	SageMaker Model Repository Access Check	No models found or all use default Platform access	No action required	Informational	N/A
`222222222222`	`SM-15`	SageMaker Feature Store Encryption Check	No feature groups with offline stores found	No action required	Informational	N/A
`222222222222`	`SM-16`	SageMaker Data Quality Job Encryption Check	No data quality job definitions found	No action required	Informational	N/A
`222222222222`	`SM-17`	SageMaker Processing Job Encryption Check	No processing jobs found	No action required	Informational	N/A
`222222222222`	`SM-18`	SageMaker Transform Job Encryption Check	No transform jobs found	No action required	Informational	N/A
`222222222222`	`SM-19`	SageMaker Hyperparameter Tuning Job Encryption Check	No hyperparameter tuning jobs found	No action required	Informational	N/A
`222222222222`	`SM-20`	SageMaker Compilation Job Encryption Check	No compilation jobs found	No action required	Informational	N/A
`222222222222`	`SM-21`	SageMaker AutoML Job Network Isolation Check	No AutoML jobs found	No action required	Informational	N/A
`222222222222`	`SM-22`	Model Approval Workflow Check	No model package groups found. Model Registry is not being used for model governance.	Implement Model Registry to track model versions and enforce approval workflows before production deployment.	Informational	N/A
`222222222222`	`SM-23`	Model Drift Detection Check	No InService endpoints found to monitor.	No action required	Informational	Passed
`222222222222`	`SM-24`	A/B Testing and Shadow Deployment Check	No InService endpoints found.	No action required	Informational	Passed
`222222222222`	`SM-25`	ML Lineage Tracking - Experiments Not Used	No SageMaker Experiments found. ML Lineage tracking through Experiments is not being utilized.	Implement SageMaker Experiments to track ML training runs, hyperparameters, metrics, and model artifacts. This enables reproducibility and auditability.	Informational	N/A
`222222222222`	`BR-01`	AmazonBedrockFullAccess role check	No roles found with AmazonBedrockFullAccess policy	No action required	Informational	N/A
`222222222222`	`BR-02`	Amazon Bedrock private connectivity not used	No Bedrock service VPC endpoints found in VPCs: vpc-04be7123a2d083cf2, vpc-c04f86bd, vpc-00d6bbcc95caabf5d	Create a VPC endpoint in your VPC with any of the following Bedrock service endpoints that your application may be using: - com.amazonaws.region.bedrock - com.amazonaws.region.bedrock-runtime - com.amazonaws.region.bedrock-agent - com.amazonaws.region.bedrock-agent-runtime	Informational	N/A
`222222222222`	`BR-03`	Marketplace Subscription Access Check	No identities found with overly permissive marketplace subscription access	No action required	Informational	N/A
`222222222222`	`BR-04`	Bedrock Model Invocation Logging Check	Model invocation logging is not enabled. This limits your ability to track and audit model usage.	Enable model invocation logging to collect invocation logs, model input data, and model output data. Configure logging to deliver to Amazon S3, CloudWatch Logs, or both for comprehensive monitoring.	Medium	Failed
`222222222222`	`BR-05`	Bedrock Guardrails Check	No Amazon Bedrock Guardrails are configured. This may expose your application to potential risks such as harmful content, sensitive information disclosure, or hallucinations.	Configure Bedrock Guardrails to implement safeguards such as: - Content filters to block harmful content - Denied topics to prevent undesirable discussions - Sensitive information filters to protect PII - Contextual grounding checks to prevent hallucinations	Medium	Failed
`222222222222`	`BR-06`	Bedrock CloudTrail Logging Check	CloudTrail is not configured to log Amazon Bedrock API calls. This limits your ability to audit and monitor Bedrock usage.	Enable CloudTrail logging for Bedrock by : 1. Configuring an advanced event selector for Bedrock events 2. Enabling management events logging in a multi-region trail	High	Failed
`222222222222`	`BR-07`	Bedrock Prompt Management Check	Prompt Management feature is not being used. This may lead to inconsistent prompt handling and suboptimal model responses.	Implement Prompt Management to: 1. Create and version your prompts 2. Test different prompt variants 3. Share prompts across your organization 4. Maintain consistent prompt templates	Informational	N/A
`222222222222`	`BR-08`	Bedrock Agent IAM Roles Check	No Bedrock agents found in the account	No action required	Informational	N/A
`222222222222`	`BR-10`	Bedrock Guardrail IAM Enforcement Check	No guardrails configured - IAM enforcement check not applicable	Configure Bedrock Guardrails first, then enforce their use via IAM policies	Informational	N/A
`222222222222`	`BR-11`	Bedrock Custom Model Encryption Check	No custom/fine-tuned models found in the account	No action required	Informational	N/A
`222222222222`	`BR-12`	Bedrock Invocation Log Encryption Check	Model invocation logging to S3 is not configured	If logging is enabled to CloudWatch only, ensure CloudWatch log group uses CMK encryption	Informational	N/A
`222222222222`	`BR-13`	Bedrock Flows Guardrails Check	No Bedrock Flows found in the account	No action required	Informational	N/A

Risk Distribution

Pass Rate by Severity

HIGH

0.0%

0 of 36 checks passed

MEDIUM

0.0%

0 of 35 checks passed

LOW

0.0%

0 of 2 checks passed

Overall

0.0%

0 of 73 actionable checks

Risk by Account

111111111111

32 High · 25 Med · 2 Low

222222222222

2 High · 5 Med · 0 Low

333333333333

2 High · 5 Med · 0 Low

Findings by Service

Bedrock

22 Failed · 1 Passed

SageMaker

14 Failed · 15 Passed

AgentCore

37 Failed · 0 Passed

Amazon Bedrock Findings

Account ID	Check ID	Finding	Details	Resolution	Severity	Status
`111111111111`	`BR-01`	AmazonBedrockFullAccess role check	Role 'IDPSageMakerCfnStack-SageMakerExecutionRole-aqrHz6dVkoHC' has AmazonBedrockFullAccess policy attached	Limit the AmazonBedrockFullAccess policy only to required access	High	Failed
`111111111111`	`BR-01`	AmazonBedrockFullAccess role check	Role 'LLMEvaluationPromptfoo-SageMakerExecutionRole-M69xCHJ9c3LU' has AmazonBedrockFullAccess policy attached	Limit the AmazonBedrockFullAccess policy only to required access	High	Failed
`111111111111`	`BR-01`	AmazonBedrockFullAccess role check	Role 'myAskMeAnything-role-kmsizqwf' has AmazonBedrockFullAccess policy attached	Limit the AmazonBedrockFullAccess policy only to required access	High	Failed
`111111111111`	`BR-02`	Amazon Bedrock private connectivity not used	No Bedrock service VPC endpoints found in VPCs: vpc-03472be90d65c2f68, vpc-39319f44, vpc-064f3e808e378cbc8, vpc-02d020a365a06c7fe	Create a VPC endpoint in your VPC with any of the following Bedrock service endpoints that your application may be using: - com.amazonaws.region.bedrock - com.amazonaws.region.bedrock-runtime - com.amazonaws.region.bedrock-agent - com.amazonaws.region.bedrock-agent-runtime	Informational	N/A
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'AmazonBedrockAgentCoreSDKRuntime-us-east-1-a6ddf3fc76' has overly permissive marketplace subscription access through policy 'BedrockAgentCoreRuntimeExecutionPolicy-cdk_agent_core'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'AmazonBedrockAgentCoreSDKRuntime-us-east-1-ed660add8b' has overly permissive marketplace subscription access through policy 'BedrockAgentCoreRuntimeExecutionPolicy-neoCyan_Agent'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'AmazonBedrockExecutionRoleForKnowledgeBase_knnc9' has overly permissive marketplace subscription access through policy 'AmazonBedrockFoundationModelPolicyForKnowledgeBase_knnc9'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'AmazonBedrockExecutionRoleForKnowledgeBase_qxqw2' has overly permissive marketplace subscription access through policy 'AmazonBedrockFoundationModelPolicyForKnowledgeBase_qxqw2'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'AmazonSageMaker-ExecutionRole-20250525T153161' has overly permissive marketplace subscription access through policy 'AmazonBedrockLimitedAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'IDPSageMakerCfnStack-SageMakerExecutionRole-aqrHz6dVkoHC' has overly permissive marketplace subscription access through policy 'AmazonBedrockFullAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'LLMEvaluationPromptfoo-SageMakerExecutionRole-M69xCHJ9c3LU' has overly permissive marketplace subscription access through policy 'AmazonBedrockFullAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	Role 'myAskMeAnything-role-kmsizqwf' has overly permissive marketplace subscription access through policy 'AmazonBedrockFullAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	User 'BedrockAPIKey-20pp' has overly permissive marketplace subscription access through policy 'AmazonBedrockLimitedAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	User 'BedrockAPIKey-yhc3' has overly permissive marketplace subscription access through policy 'AmazonBedrockLimitedAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-03`	Marketplace Subscription Access Check	User 'BedrockClientUser' has overly permissive marketplace subscription access through policy 'AmazonBedrockFullAccess'	Ensure that users have access to only the models that you want user to be able to subscribe to based on your organizational policies. For example, you may want users to have access to only text based models and not image and video generation model. This can also help to keep cost in check.	High	Failed
`111111111111`	`BR-04`	Bedrock Model Invocation Logging Check	Model invocation logging is properly configured with delivery to: CloudWatch Logs	No action required	Informational	Passed
`111111111111`	`BR-05`	Bedrock Guardrails Check	No Amazon Bedrock Guardrails are configured. This may expose your application to potential risks such as harmful content, sensitive information disclosure, or hallucinations.	Configure Bedrock Guardrails to implement safeguards such as: - Content filters to block harmful content - Denied topics to prevent undesirable discussions - Sensitive information filters to protect PII - Contextual grounding checks to prevent hallucinations	Medium	Failed
`111111111111`	`BR-06`	Bedrock CloudTrail Logging Check	CloudTrail is not configured to log Amazon Bedrock API calls. This limits your ability to audit and monitor Bedrock usage.	Enable CloudTrail logging for Bedrock by : 1. Configuring an advanced event selector for Bedrock events 2. Enabling management events logging in a multi-region trail	High	Failed
`111111111111`	`BR-07`	Bedrock Prompt Management Check	Prompt Management feature is not being used. This may lead to inconsistent prompt handling and suboptimal model responses.	Implement Prompt Management to: 1. Create and version your prompts 2. Test different prompt variants 3. Share prompts across your organization 4. Maintain consistent prompt templates	Informational	N/A
`111111111111`	`BR-08`	Bedrock Agent IAM Roles Check	No Bedrock agents found in the account	No action required	Informational	N/A
`111111111111`	`BR-10`	Bedrock Guardrail IAM Enforcement Check	No guardrails configured - IAM enforcement check not applicable	Configure Bedrock Guardrails first, then enforce their use via IAM policies	Informational	N/A
`111111111111`	`BR-11`	Bedrock Custom Model Encryption Check	No custom/fine-tuned models found in the account	No action required	Informational	N/A
`111111111111`	`BR-12`	Bedrock Invocation Log Encryption Check	Model invocation logging to S3 is not configured	If logging is enabled to CloudWatch only, ensure CloudWatch log group uses CMK encryption	Informational	N/A
`111111111111`	`BR-13`	Bedrock Flows Guardrails Check	No Bedrock Flows found in the account	No action required	Informational	N/A
`333333333333`	`BR-01`	AmazonBedrockFullAccess role check	No roles found with AmazonBedrockFullAccess policy	No action required	Informational	N/A
`333333333333`	`BR-02`	Amazon Bedrock private connectivity not used	No Bedrock service VPC endpoints found in VPCs: vpc-0ea3420ee0a2f9109, vpc-0b6d11037270bd579	Create a VPC endpoint in your VPC with any of the following Bedrock service endpoints that your application may be using: - com.amazonaws.region.bedrock - com.amazonaws.region.bedrock-runtime - com.amazonaws.region.bedrock-agent - com.amazonaws.region.bedrock-agent-runtime	Informational	N/A
`333333333333`	`BR-03`	Marketplace Subscription Access Check	No identities found with overly permissive marketplace subscription access	No action required	Informational	N/A
`333333333333`	`BR-04`	Bedrock Model Invocation Logging Check	Model invocation logging is not enabled. This limits your ability to track and audit model usage.	Enable model invocation logging to collect invocation logs, model input data, and model output data. Configure logging to deliver to Amazon S3, CloudWatch Logs, or both for comprehensive monitoring.	Medium	Failed
`333333333333`	`BR-05`	Bedrock Guardrails Check	No Amazon Bedrock Guardrails are configured. This may expose your application to potential risks such as harmful content, sensitive information disclosure, or hallucinations.	Configure Bedrock Guardrails to implement safeguards such as: - Content filters to block harmful content - Denied topics to prevent undesirable discussions - Sensitive information filters to protect PII - Contextual grounding checks to prevent hallucinations	Medium	Failed
`333333333333`	`BR-06`	Bedrock CloudTrail Logging Check	CloudTrail is not configured to log Amazon Bedrock API calls. This limits your ability to audit and monitor Bedrock usage.	Enable CloudTrail logging for Bedrock by : 1. Configuring an advanced event selector for Bedrock events 2. Enabling management events logging in a multi-region trail	High	Failed
`333333333333`	`BR-07`	Bedrock Prompt Management Check	Prompt Management feature is not being used. This may lead to inconsistent prompt handling and suboptimal model responses.	Implement Prompt Management to: 1. Create and version your prompts 2. Test different prompt variants 3. Share prompts across your organization 4. Maintain consistent prompt templates	Informational	N/A
`333333333333`	`BR-08`	Bedrock Agent IAM Roles Check	No Bedrock agents found in the account	No action required	Informational	N/A
`333333333333`	`BR-10`	Bedrock Guardrail IAM Enforcement Check	No guardrails configured - IAM enforcement check not applicable	Configure Bedrock Guardrails first, then enforce their use via IAM policies	Informational	N/A
`333333333333`	`BR-11`	Bedrock Custom Model Encryption Check	No custom/fine-tuned models found in the account	No action required	Informational	N/A
`333333333333`	`BR-12`	Bedrock Invocation Log Encryption Check	Model invocation logging to S3 is not configured	If logging is enabled to CloudWatch only, ensure CloudWatch log group uses CMK encryption	Informational	N/A
`333333333333`	`BR-13`	Bedrock Flows Guardrails Check	No Bedrock Flows found in the account	No action required	Informational	N/A
`222222222222`	`BR-01`	AmazonBedrockFullAccess role check	No roles found with AmazonBedrockFullAccess policy	No action required	Informational	N/A
`222222222222`	`BR-02`	Amazon Bedrock private connectivity not used	No Bedrock service VPC endpoints found in VPCs: vpc-04be7123a2d083cf2, vpc-c04f86bd, vpc-00d6bbcc95caabf5d	Create a VPC endpoint in your VPC with any of the following Bedrock service endpoints that your application may be using: - com.amazonaws.region.bedrock - com.amazonaws.region.bedrock-runtime - com.amazonaws.region.bedrock-agent - com.amazonaws.region.bedrock-agent-runtime	Informational	N/A
`222222222222`	`BR-03`	Marketplace Subscription Access Check	No identities found with overly permissive marketplace subscription access	No action required	Informational	N/A
`222222222222`	`BR-04`	Bedrock Model Invocation Logging Check	Model invocation logging is not enabled. This limits your ability to track and audit model usage.	Enable model invocation logging to collect invocation logs, model input data, and model output data. Configure logging to deliver to Amazon S3, CloudWatch Logs, or both for comprehensive monitoring.	Medium	Failed
`222222222222`	`BR-05`	Bedrock Guardrails Check	No Amazon Bedrock Guardrails are configured. This may expose your application to potential risks such as harmful content, sensitive information disclosure, or hallucinations.	Configure Bedrock Guardrails to implement safeguards such as: - Content filters to block harmful content - Denied topics to prevent undesirable discussions - Sensitive information filters to protect PII - Contextual grounding checks to prevent hallucinations	Medium	Failed
`222222222222`	`BR-06`	Bedrock CloudTrail Logging Check	CloudTrail is not configured to log Amazon Bedrock API calls. This limits your ability to audit and monitor Bedrock usage.	Enable CloudTrail logging for Bedrock by : 1. Configuring an advanced event selector for Bedrock events 2. Enabling management events logging in a multi-region trail	High	Failed
`222222222222`	`BR-07`	Bedrock Prompt Management Check	Prompt Management feature is not being used. This may lead to inconsistent prompt handling and suboptimal model responses.	Implement Prompt Management to: 1. Create and version your prompts 2. Test different prompt variants 3. Share prompts across your organization 4. Maintain consistent prompt templates	Informational	N/A
`222222222222`	`BR-08`	Bedrock Agent IAM Roles Check	No Bedrock agents found in the account	No action required	Informational	N/A
`222222222222`	`BR-10`	Bedrock Guardrail IAM Enforcement Check	No guardrails configured - IAM enforcement check not applicable	Configure Bedrock Guardrails first, then enforce their use via IAM policies	Informational	N/A
`222222222222`	`BR-11`	Bedrock Custom Model Encryption Check	No custom/fine-tuned models found in the account	No action required	Informational	N/A
`222222222222`	`BR-12`	Bedrock Invocation Log Encryption Check	Model invocation logging to S3 is not configured	If logging is enabled to CloudWatch only, ensure CloudWatch log group uses CMK encryption	Informational	N/A
`222222222222`	`BR-13`	Bedrock Flows Guardrails Check	No Bedrock Flows found in the account	No action required	Informational	N/A

Amazon SageMaker Findings

Account ID	Check ID	Finding	Details	Resolution	Severity	Status
`111111111111`	`SM-01`	Non-VPC Only Network Access	SageMaker domain 'd-cz8qi7j81si3' (QuickSetupDomain-20250525T153160) is not configured for VPC-only access	Configure the SageMaker domain to use VPC-only network access type	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'AmazonSageMaker-ExecutionRole-20231014T200029' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'AmazonSageMaker-ExecutionRole-20250525T153161' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'AmazonSageMakerServiceCatalogProductsExecutionRole' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'EMR_EC2_DefaultRole' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'IDPSageMakerCfnStack-SageMakerExecutionRole-aqrHz6dVkoHC' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'LLMEvaluationPromptfoo-SageMakerExecutionRole-M69xCHJ9c3LU' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SageMaker Full Access Policy Used	Role 'SageMaker-EMR-ExecutionRole' has AmazonSageMakerFullAccess policy attached	Replace AmazonSageMakerFullAccess with more restrictive custom policies that follow the principle of least privilege	High	Failed
`111111111111`	`SM-02`	SSO Not Properly Configured	SageMaker domain 'd-cz8qi7j81si3' (QuickSetupDomain-20250525T153160) is using authentication mode: IAM	Enable and properly configure AWS IAM Identity Center (successor to AWS SSO) for centralized access management. Ensure Identity Store ID is configured.	Medium	Failed
`111111111111`	`SM-03`	Missing Encryption Configuration	Domain 'QuickSetupDomain-20250525T153160' - No KMS key configured	Configure encryption using AWS KMS customer managed keys for enhanced security	High	Failed
`111111111111`	`SM-03`	Missing VPC Encryption	Domain 'QuickSetupDomain-20250525T153160' - No VPC encryption configuration	Enable encryption for inter-container traffic and VPC communication	Medium	Failed
`111111111111`	`SM-04`	GuardDuty Enabled	Amazon GuardDuty is properly enabled and monitoring for security threats in SageMaker workloads.	No action required	Informational	Passed
`111111111111`	`SM-05`	SageMaker Model Registry Issue	No model package groups found	Implement model versioning using SageMaker Model Registry to track model lineage, approve model versions, and manage model deployment	Medium	Failed
`111111111111`	`SM-05`	SageMaker Feature Store Issue	No feature groups found	Utilize SageMaker Feature Store to create, share, and manage features for machine learning development and production	Informational	N/A
`111111111111`	`SM-05`	SageMaker Pipelines Issue	No ML pipelines found	Implement SageMaker Pipelines to automate and manage ML workflows, including data preparation, training, and model deployment	Informational	N/A
`111111111111`	`SM-06`	SageMaker Clarify No Clarify Usage	No SageMaker Clarify jobs found	Implement SageMaker Clarify for model explainability and bias detection	Informational	N/A
`111111111111`	`SM-07`	SageMaker Model Monitor No Model Monitoring	No Model Monitor schedules found	Configure comprehensive model monitoring schedules	Informational	N/A
`111111111111`	`SM-08`	Model Registry Registry Not Used	Model Registry is not being utilized	Implement proper model versioning and approval workflows	Informational	N/A
`111111111111`	`SM-09`	SageMaker Notebook Root Access Check	No notebook instances found	No action required	Informational	N/A
`111111111111`	`SM-10`	SageMaker Notebook VPC Deployment Check	No notebook instances found	No action required	Informational	N/A
`111111111111`	`SM-11`	SageMaker Model Network Isolation Check	No models found	No action required	Informational	N/A
`111111111111`	`SM-12`	SageMaker Endpoint Instance Count Check	No InService endpoints found	No action required	Informational	N/A
`111111111111`	`SM-13`	SageMaker Monitoring Network Isolation Check	No monitoring schedules found	No action required	Informational	N/A
`111111111111`	`SM-14`	SageMaker Model Repository Access Check	No models found or all use default Platform access	No action required	Informational	N/A
`111111111111`	`SM-15`	SageMaker Feature Store Encryption Check	No feature groups with offline stores found	No action required	Informational	N/A
`111111111111`	`SM-16`	SageMaker Data Quality Job Encryption Check	No data quality job definitions found	No action required	Informational	N/A
`111111111111`	`SM-17`	SageMaker Processing Job Encryption Check	No processing jobs found	No action required	Informational	N/A
`111111111111`	`SM-18`	SageMaker Transform Job Encryption Check	No transform jobs found	No action required	Informational	N/A
`111111111111`	`SM-19`	SageMaker Hyperparameter Tuning Job Encryption Check	No hyperparameter tuning jobs found	No action required	Informational	N/A
`111111111111`	`SM-20`	SageMaker Compilation Job Encryption Check	No compilation jobs found	No action required	Informational	N/A
`111111111111`	`SM-21`	SageMaker AutoML Job Network Isolation Check	No AutoML jobs found	No action required	Informational	N/A
`111111111111`	`SM-22`	Model Approval Workflow Check	No model package groups found. Model Registry is not being used for model governance.	Implement Model Registry to track model versions and enforce approval workflows before production deployment.	Informational	N/A
`111111111111`	`SM-23`	Model Drift Detection Check	No InService endpoints found to monitor.	No action required	Informational	Passed
`111111111111`	`SM-24`	A/B Testing and Shadow Deployment Check	No InService endpoints found.	No action required	Informational	Passed
`111111111111`	`SM-25`	ML Lineage Tracking - Experiments Not Used	No SageMaker Experiments found. ML Lineage tracking through Experiments is not being utilized.	Implement SageMaker Experiments to track ML training runs, hyperparameters, metrics, and model artifacts. This enables reproducibility and auditability.	Informational	N/A
`333333333333`	`SM-01`	SageMaker Internet Access Check	All SageMaker resources are properly configured to use VPC connectivity	No action required	Informational	Passed
`333333333333`	`SM-02`	SageMaker IAM Permissions Check	No issues found with IAM permissions, SSO is enabled, and no stale access detected	No action required	Informational	Passed
`333333333333`	`SM-03`	Data Protection Check	All resources use appropriate encryption configurations	No action required	Informational	Passed
`333333333333`	`SM-04`	GuardDuty Enabled	Amazon GuardDuty is properly enabled and monitoring for security threats in SageMaker workloads.	No action required	Informational	Passed
`333333333333`	`SM-05`	SageMaker Model Registry Issue	No model package groups found	Implement model versioning using SageMaker Model Registry to track model lineage, approve model versions, and manage model deployment	Medium	Failed
`333333333333`	`SM-05`	SageMaker Feature Store Issue	No feature groups found	Utilize SageMaker Feature Store to create, share, and manage features for machine learning development and production	Informational	N/A
`333333333333`	`SM-05`	SageMaker Pipelines Issue	No ML pipelines found	Implement SageMaker Pipelines to automate and manage ML workflows, including data preparation, training, and model deployment	Informational	N/A
`333333333333`	`SM-06`	SageMaker Clarify No Clarify Usage	No SageMaker Clarify jobs found	Implement SageMaker Clarify for model explainability and bias detection	Informational	N/A
`333333333333`	`SM-07`	SageMaker Model Monitor No Model Monitoring	No Model Monitor schedules found	Configure comprehensive model monitoring schedules	Informational	N/A
`333333333333`	`SM-08`	Model Registry Registry Not Used	Model Registry is not being utilized	Implement proper model versioning and approval workflows	Informational	N/A
`333333333333`	`SM-09`	SageMaker Notebook Root Access Check	No notebook instances found	No action required	Informational	N/A
`333333333333`	`SM-10`	SageMaker Notebook VPC Deployment Check	No notebook instances found	No action required	Informational	N/A
`333333333333`	`SM-11`	SageMaker Model Network Isolation Check	No models found	No action required	Informational	N/A
`333333333333`	`SM-12`	SageMaker Endpoint Instance Count Check	No InService endpoints found	No action required	Informational	N/A
`333333333333`	`SM-13`	SageMaker Monitoring Network Isolation Check	No monitoring schedules found	No action required	Informational	N/A
`333333333333`	`SM-14`	SageMaker Model Repository Access Check	No models found or all use default Platform access	No action required	Informational	N/A
`333333333333`	`SM-15`	SageMaker Feature Store Encryption Check	No feature groups with offline stores found	No action required	Informational	N/A
`333333333333`	`SM-16`	SageMaker Data Quality Job Encryption Check	No data quality job definitions found	No action required	Informational	N/A
`333333333333`	`SM-17`	SageMaker Processing Job Encryption Check	No processing jobs found	No action required	Informational	N/A
`333333333333`	`SM-18`	SageMaker Transform Job Encryption Check	No transform jobs found	No action required	Informational	N/A
`333333333333`	`SM-19`	SageMaker Hyperparameter Tuning Job Encryption Check	No hyperparameter tuning jobs found	No action required	Informational	N/A
`333333333333`	`SM-20`	SageMaker Compilation Job Encryption Check	No compilation jobs found	No action required	Informational	N/A
`333333333333`	`SM-21`	SageMaker AutoML Job Network Isolation Check	No AutoML jobs found	No action required	Informational	N/A
`333333333333`	`SM-22`	Model Approval Workflow Check	No model package groups found. Model Registry is not being used for model governance.	Implement Model Registry to track model versions and enforce approval workflows before production deployment.	Informational	N/A
`333333333333`	`SM-23`	Model Drift Detection Check	No InService endpoints found to monitor.	No action required	Informational	Passed
`333333333333`	`SM-24`	A/B Testing and Shadow Deployment Check	No InService endpoints found.	No action required	Informational	Passed
`333333333333`	`SM-25`	ML Lineage Tracking - Experiments Not Used	No SageMaker Experiments found. ML Lineage tracking through Experiments is not being utilized.	Implement SageMaker Experiments to track ML training runs, hyperparameters, metrics, and model artifacts. This enables reproducibility and auditability.	Informational	N/A
`222222222222`	`SM-01`	SageMaker Internet Access Check	All SageMaker resources are properly configured to use VPC connectivity	No action required	Informational	Passed
`222222222222`	`SM-02`	SageMaker IAM Permissions Check	No issues found with IAM permissions, SSO is enabled, and no stale access detected	No action required	Informational	Passed
`222222222222`	`SM-03`	Data Protection Check	All resources use appropriate encryption configurations	No action required	Informational	Passed
`222222222222`	`SM-04`	GuardDuty Enabled	Amazon GuardDuty is properly enabled and monitoring for security threats in SageMaker workloads.	No action required	Informational	Passed
`222222222222`	`SM-05`	SageMaker Model Registry Issue	No model package groups found	Implement model versioning using SageMaker Model Registry to track model lineage, approve model versions, and manage model deployment	Medium	Failed
`222222222222`	`SM-05`	SageMaker Feature Store Issue	No feature groups found	Utilize SageMaker Feature Store to create, share, and manage features for machine learning development and production	Informational	N/A
`222222222222`	`SM-05`	SageMaker Pipelines Issue	No ML pipelines found	Implement SageMaker Pipelines to automate and manage ML workflows, including data preparation, training, and model deployment	Informational	N/A
`222222222222`	`SM-06`	SageMaker Clarify No Clarify Usage	No SageMaker Clarify jobs found	Implement SageMaker Clarify for model explainability and bias detection	Informational	N/A
`222222222222`	`SM-07`	SageMaker Model Monitor No Model Monitoring	No Model Monitor schedules found	Configure comprehensive model monitoring schedules	Informational	N/A
`222222222222`	`SM-08`	Model Registry Registry Not Used	Model Registry is not being utilized	Implement proper model versioning and approval workflows	Informational	N/A
`222222222222`	`SM-09`	SageMaker Notebook Root Access Check	No notebook instances found	No action required	Informational	N/A
`222222222222`	`SM-10`	SageMaker Notebook VPC Deployment Check	No notebook instances found	No action required	Informational	N/A
`222222222222`	`SM-11`	SageMaker Model Network Isolation Check	No models found	No action required	Informational	N/A
`222222222222`	`SM-12`	SageMaker Endpoint Instance Count Check	No InService endpoints found	No action required	Informational	N/A
`222222222222`	`SM-13`	SageMaker Monitoring Network Isolation Check	No monitoring schedules found	No action required	Informational	N/A
`222222222222`	`SM-14`	SageMaker Model Repository Access Check	No models found or all use default Platform access	No action required	Informational	N/A
`222222222222`	`SM-15`	SageMaker Feature Store Encryption Check	No feature groups with offline stores found	No action required	Informational	N/A
`222222222222`	`SM-16`	SageMaker Data Quality Job Encryption Check	No data quality job definitions found	No action required	Informational	N/A
`222222222222`	`SM-17`	SageMaker Processing Job Encryption Check	No processing jobs found	No action required	Informational	N/A
`222222222222`	`SM-18`	SageMaker Transform Job Encryption Check	No transform jobs found	No action required	Informational	N/A
`222222222222`	`SM-19`	SageMaker Hyperparameter Tuning Job Encryption Check	No hyperparameter tuning jobs found	No action required	Informational	N/A
`222222222222`	`SM-20`	SageMaker Compilation Job Encryption Check	No compilation jobs found	No action required	Informational	N/A
`222222222222`	`SM-21`	SageMaker AutoML Job Network Isolation Check	No AutoML jobs found	No action required	Informational	N/A
`222222222222`	`SM-22`	Model Approval Workflow Check	No model package groups found. Model Registry is not being used for model governance.	Implement Model Registry to track model versions and enforce approval workflows before production deployment.	Informational	N/A
`222222222222`	`SM-23`	Model Drift Detection Check	No InService endpoints found to monitor.	No action required	Informational	Passed
`222222222222`	`SM-24`	A/B Testing and Shadow Deployment Check	No InService endpoints found.	No action required	Informational	Passed
`222222222222`	`SM-25`	ML Lineage Tracking - Experiments Not Used	No SageMaker Experiments found. ML Lineage tracking through Experiments is not being utilized.	Implement SageMaker Experiments to track ML training runs, hyperparameters, metrics, and model artifacts. This enables reproducibility and auditability.	Informational	N/A

Amazon Bedrock AgentCore Findings

Account ID	Check ID	Finding	Details	Resolution	Severity	Status
`111111111111`	`AC-01`	AgentCore Runtime VPC Configuration	Runtime 'origami_expeditions' (origami_expeditions-TR4jDoHXe8) is not configured with VPC. This exposes the runtime to public internet.	Configure VPC with private subnets and required VPC endpoints (ECR, S3, CloudWatch Logs)	High	Failed
`111111111111`	`AC-01`	AgentCore Runtime VPC Configuration	Runtime 'neoCyan_Agent' (neoCyan_Agent-yAFXSWFaA3) is not configured with VPC. This exposes the runtime to public internet.	Configure VPC with private subnets and required VPC endpoints (ECR, S3, CloudWatch Logs)	High	Failed
`111111111111`	`AC-01`	AgentCore Runtime VPC Configuration	Runtime 'customer_support_agent' (customer_support_agent-ZP4e8z55dP) is not configured with VPC. This exposes the runtime to public internet.	Configure VPC with private subnets and required VPC endpoints (ECR, S3, CloudWatch Logs)	High	Failed
`111111111111`	`AC-01`	AgentCore Runtime VPC Configuration	Runtime 'cdk_agent_core' (cdk_agent_core-7FqFlD86LW) is not configured with VPC. This exposes the runtime to public internet.	Configure VPC with private subnets and required VPC endpoints (ECR, S3, CloudWatch Logs)	High	Failed
`111111111111`	`AC-01`	AgentCore Runtime VPC Configuration	Runtime 'awsapimcpserver' (awsapimcpserver-mJrqgt37GO) is not configured with VPC. This exposes the runtime to public internet.	Configure VPC with private subnets and required VPC endpoints (ECR, S3, CloudWatch Logs)	High	Failed
`111111111111`	`AC-02`	AgentCore IAM Full Access Policy	The following roles have BedrockAgentCoreFullAccess policy: AmazonSageMaker-ExecutionRole-20250525T153161	Replace with least-privilege policies scoped to specific AgentCore resources and actions	High	Failed
`111111111111`	`AC-02`	AgentCore IAM Wildcard Permissions	The following roles have wildcard AgentCore permissions on all resources: agentcore-wildrydes_gateway_role_ab3991f6-role	Scope permissions to specific AgentCore resources using resource ARNs	High	Failed
`111111111111`	`AC-03`	AgentCore Stale Access	The following principals have not accessed AgentCore in 60+ days: role 'AmazonSageMaker-ExecutionRole-20250525T153161' (119 days), role 'AWSServiceRoleForBedrockAgentCoreRuntimeIdentity' (119 days), role 'CustomerSupportAssistantBedrockAgentCoreRole-us-east-1' (119 days)	Review and remove unused AgentCore permissions following least privilege principle	Medium	Failed
`111111111111`	`AC-03`	AgentCore Unused Permissions	The following principals have AgentCore permissions but have never accessed the service: role 'agentcore-wildrydes_gateway_role_ab3991f6-role', role 'AIMLSecurityMemberRole', role 'AmazonBedrockAgentCoreSDKRuntime-us-east-1-a6ddf3fc76', role 'AmazonBedrockAgentCoreSDKRuntime-us-east-1-ed660add8b', role 'aws-api-mcp-server-execution-role', role 'CustomerSupportStackInfra-RuntimeAgentCoreRole-N188nLB5RtLO', role 'IDP-AnalyticsProcessorFunctionRole-H3gwkJtNqrqW', role 'ReSCOAIMLMemberRole'	Review and remove unused AgentCore permissions following least privilege principle	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime CloudWatch Logs	Runtime 'origami_expeditions' (origami_expeditions-TR4jDoHXe8) does not have CloudWatch Logs configured	Enable CloudWatch Logs for monitoring and troubleshooting	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime X-Ray Tracing	Runtime 'origami_expeditions' (origami_expeditions-TR4jDoHXe8) does not have X-Ray tracing enabled	Enable X-Ray tracing for distributed tracing and performance analysis	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime CloudWatch Logs	Runtime 'neoCyan_Agent' (neoCyan_Agent-yAFXSWFaA3) does not have CloudWatch Logs configured	Enable CloudWatch Logs for monitoring and troubleshooting	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime X-Ray Tracing	Runtime 'neoCyan_Agent' (neoCyan_Agent-yAFXSWFaA3) does not have X-Ray tracing enabled	Enable X-Ray tracing for distributed tracing and performance analysis	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime CloudWatch Logs	Runtime 'customer_support_agent' (customer_support_agent-ZP4e8z55dP) does not have CloudWatch Logs configured	Enable CloudWatch Logs for monitoring and troubleshooting	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime X-Ray Tracing	Runtime 'customer_support_agent' (customer_support_agent-ZP4e8z55dP) does not have X-Ray tracing enabled	Enable X-Ray tracing for distributed tracing and performance analysis	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime CloudWatch Logs	Runtime 'cdk_agent_core' (cdk_agent_core-7FqFlD86LW) does not have CloudWatch Logs configured	Enable CloudWatch Logs for monitoring and troubleshooting	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime X-Ray Tracing	Runtime 'cdk_agent_core' (cdk_agent_core-7FqFlD86LW) does not have X-Ray tracing enabled	Enable X-Ray tracing for distributed tracing and performance analysis	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime CloudWatch Logs	Runtime 'awsapimcpserver' (awsapimcpserver-mJrqgt37GO) does not have CloudWatch Logs configured	Enable CloudWatch Logs for monitoring and troubleshooting	Medium	Failed
`111111111111`	`AC-04`	AgentCore Runtime X-Ray Tracing	Runtime 'awsapimcpserver' (awsapimcpserver-mJrqgt37GO) does not have X-Ray tracing enabled	Enable X-Ray tracing for distributed tracing and performance analysis	Medium	Failed
`111111111111`	`AC-05`	AgentCore ECR Repository AWS-Managed Keys	ECR repository 'bedrock-agentcore-customer_support_agent' uses AWS-managed keys instead of customer-managed KMS keys	Consider using customer-managed KMS keys for better control and audit capabilities	Low	Failed
`111111111111`	`AC-05`	AgentCore ECR Repository AWS-Managed Keys	ECR repository 'bedrock-agentcore-origami_expeditions' uses AWS-managed keys instead of customer-managed KMS keys	Consider using customer-managed KMS keys for better control and audit capabilities	Low	Failed
`111111111111`	`AC-06`	AgentCore Runtime Storage Configuration	Runtime 'origami_expeditions' (origami_expeditions-TR4jDoHXe8) does not have storage configuration for browser tools	Configure S3 storage for browser tool session recordings and artifacts	Medium	Failed
`111111111111`	`AC-06`	AgentCore Runtime Storage Configuration	Runtime 'neoCyan_Agent' (neoCyan_Agent-yAFXSWFaA3) does not have storage configuration for browser tools	Configure S3 storage for browser tool session recordings and artifacts	Medium	Failed
`111111111111`	`AC-06`	AgentCore Runtime Storage Configuration	Runtime 'customer_support_agent' (customer_support_agent-ZP4e8z55dP) does not have storage configuration for browser tools	Configure S3 storage for browser tool session recordings and artifacts	Medium	Failed
`111111111111`	`AC-06`	AgentCore Runtime Storage Configuration	Runtime 'cdk_agent_core' (cdk_agent_core-7FqFlD86LW) does not have storage configuration for browser tools	Configure S3 storage for browser tool session recordings and artifacts	Medium	Failed
`111111111111`	`AC-06`	AgentCore Runtime Storage Configuration	Runtime 'awsapimcpserver' (awsapimcpserver-mJrqgt37GO) does not have storage configuration for browser tools	Configure S3 storage for browser tool session recordings and artifacts	Medium	Failed
`111111111111`	`AC-07`	AgentCore Memory Encryption	Memory 'CustomerSupportMemory-x69jBq5GLp' (CustomerSupportMemory-x69jBq5GLp) does not have customer-managed encryption configured	Enable encryption with customer-managed KMS keys	Medium	Failed
`111111111111`	`AC-07`	AgentCore Memory Encryption	Memory 'cdk_agent_core_mem-uxfIagADuF' (cdk_agent_core_mem-uxfIagADuF) does not have customer-managed encryption configured	Enable encryption with customer-managed KMS keys	Medium	Failed
`111111111111`	`AC-07`	AgentCore Memory Encryption	Memory 'wildrydes_memory_ab3991f6-9FjiHOHjT2' (wildrydes_memory_ab3991f6-9FjiHOHjT2) does not have customer-managed encryption configured	Enable encryption with customer-managed KMS keys	Medium	Failed
`111111111111`	`AC-13`	AgentCore Gateway Configuration Check	No Gateway resources found	No action required	Informational	N/A
`111111111111`	`AC-08`	AgentCore VPC Endpoints Missing	No AgentCore VPC endpoints found in 4 VPCs. AgentCore API traffic traverses public internet, exposing it to interception.	Create VPC interface endpoints for AgentCore services: 1. com.amazonaws.region.bedrock-agentcore 2. com.amazonaws.region.bedrock-agentcore-control 3. com.amazonaws.region.bedrock-agentcore-runtime This enables private connectivity via AWS PrivateLink	High	Failed
`111111111111`	`AC-09`	AgentCore Service-Linked Role Missing	Service-linked role 'AWSServiceRoleForBedrockAgentCoreNetwork' does not exist. VPC configuration for AgentCore Runtimes will fail without this role.	The service-linked role is automatically created when you configure VPC for an AgentCore Runtime. Ensure IAM permissions allow service-linked role creation.	Medium	Failed
`111111111111`	`AC-10`	AgentCore Resource-Based Policies Check	No AgentCore resources found to check for resource-based policies	No action required	Informational	N/A
`111111111111`	`AC-11`	AgentCore Policy Engine Encryption Check	No Policy Engines found	No action required	Informational	N/A
`111111111111`	`AC-12`	AgentCore Gateway Encryption Check	No Gateways found	No action required	Informational	N/A
`333333333333`	`AC-01`	AgentCore VPC Configuration Check	No AgentCore resources found or all resources have proper VPC configuration	No action required	Informational	N/A
`333333333333`	`AC-02`	AgentCore IAM Full Access Check	No roles with overly permissive AgentCore access found	No action required	Informational	N/A
`333333333333`	`AC-03`	AgentCore Unused Permissions	The following principals have AgentCore permissions but have never accessed the service: role 'AIMLSecurityMemberRole', role 'ReSCOAIMLMemberRole'	Review and remove unused AgentCore permissions following least privilege principle	Medium	Failed
`333333333333`	`AC-04`	AgentCore Observability Check	No AgentCore resources found or all resources have proper observability configuration	No action required	Informational	N/A
`333333333333`	`AC-05`	AgentCore Encryption Check	No AgentCore resources found or all resources have proper encryption configuration	No action required	Informational	N/A
`333333333333`	`AC-06`	AgentCore Browser Tool Recording Check	No AgentCore Runtimes found to check browser tool configuration	No action required	Informational	N/A
`333333333333`	`AC-07`	AgentCore Memory Configuration Check	No Memory resources found	No action required	Informational	N/A
`333333333333`	`AC-13`	AgentCore Gateway Configuration Check	No Gateway resources found	No action required	Informational	N/A
`333333333333`	`AC-08`	AgentCore VPC Endpoints Missing	No AgentCore VPC endpoints found in 2 VPCs. AgentCore API traffic traverses public internet, exposing it to interception.	Create VPC interface endpoints for AgentCore services: 1. com.amazonaws.region.bedrock-agentcore 2. com.amazonaws.region.bedrock-agentcore-control 3. com.amazonaws.region.bedrock-agentcore-runtime This enables private connectivity via AWS PrivateLink	High	Failed
`333333333333`	`AC-09`	AgentCore Service-Linked Role Missing	Service-linked role 'AWSServiceRoleForBedrockAgentCoreNetwork' does not exist. VPC configuration for AgentCore Runtimes will fail without this role.	The service-linked role is automatically created when you configure VPC for an AgentCore Runtime. Ensure IAM permissions allow service-linked role creation.	Medium	Failed
`333333333333`	`AC-10`	AgentCore Resource-Based Policies Check	No AgentCore resources found to check for resource-based policies	No action required	Informational	N/A
`333333333333`	`AC-11`	AgentCore Policy Engine Encryption Check	No Policy Engines found	No action required	Informational	N/A
`333333333333`	`AC-12`	AgentCore Gateway Encryption Check	No Gateways found	No action required	Informational	N/A
`222222222222`	`AC-01`	AgentCore VPC Configuration Check	No AgentCore resources found or all resources have proper VPC configuration	No action required	Informational	N/A
`222222222222`	`AC-02`	AgentCore IAM Full Access Check	No roles with overly permissive AgentCore access found	No action required	Informational	N/A
`222222222222`	`AC-03`	AgentCore Unused Permissions	The following principals have AgentCore permissions but have never accessed the service: role 'AIMLSecurityMemberRole', role 'ReSCOAIMLMemberRole'	Review and remove unused AgentCore permissions following least privilege principle	Medium	Failed
`222222222222`	`AC-04`	AgentCore Observability Check	No AgentCore resources found or all resources have proper observability configuration	No action required	Informational	N/A
`222222222222`	`AC-05`	AgentCore Encryption Check	No AgentCore resources found or all resources have proper encryption configuration	No action required	Informational	N/A
`222222222222`	`AC-06`	AgentCore Browser Tool Recording Check	No AgentCore Runtimes found to check browser tool configuration	No action required	Informational	N/A
`222222222222`	`AC-07`	AgentCore Memory Configuration Check	No Memory resources found	No action required	Informational	N/A
`222222222222`	`AC-13`	AgentCore Gateway Configuration Check	No Gateway resources found	No action required	Informational	N/A
`222222222222`	`AC-08`	AgentCore VPC Endpoints Missing	No AgentCore VPC endpoints found in 3 VPCs. AgentCore API traffic traverses public internet, exposing it to interception.	Create VPC interface endpoints for AgentCore services: 1. com.amazonaws.region.bedrock-agentcore 2. com.amazonaws.region.bedrock-agentcore-control 3. com.amazonaws.region.bedrock-agentcore-runtime This enables private connectivity via AWS PrivateLink	High	Failed
`222222222222`	`AC-09`	AgentCore Service-Linked Role Missing	Service-linked role 'AWSServiceRoleForBedrockAgentCoreNetwork' does not exist. VPC configuration for AgentCore Runtimes will fail without this role.	The service-linked role is automatically created when you configure VPC for an AgentCore Runtime. Ensure IAM permissions allow service-linked role creation.	Medium	Failed
`222222222222`	`AC-10`	AgentCore Resource-Based Policies Check	No AgentCore resources found to check for resource-based policies	No action required	Informational	N/A
`222222222222`	`AC-11`	AgentCore Policy Engine Encryption Check	No Policy Engines found	No action required	Informational	N/A
`222222222222`	`AC-12`	AgentCore Gateway Encryption Check	No Gateways found	No action required	Informational	N/A

Assessment Methodology

Severity Levels & Status Values

High	Direct security risk	Failed	Remediation needed
Medium	Defense-in-depth gap	Passed	Meets requirements
Low	Best practice	N/A	Not applicable
Informational	No action required

Remediation Guidance

High	7 days	Address immediately; block deployment if unresolved
Medium	30 days	Schedule in next sprint; may require change window
Low	90 days	Include in backlog; address during regular maintenance

Assessment Notes

Point-in-time: Security posture changes as resources are modified. Scope limited: Passed checks verify tested controls only. Context matters: Adjust severity for compliance requirements and environment type.

Assessment Scope

Amazon Bedrock

Amazon SageMaker

Amazon Bedrock AgentCore

Based on AWS Well-Architected Framework (Generative AI Lens) and service-specific security documentation.

Security Assessment Overview

Priority Recommendations

Severity Legend

Pass Rate by Severity

Risk by Account

Findings by Service

Severity Levels & Status Values

Remediation Guidance

Assessment Notes

Assessment Scope