Unexpected AWS API calls indicating AWS SageMaker presigned URL generation

ID: aws_sagemaker_presigned_url_anomaly
Data type: AWS CloudTrail
Severity: Informational - Medium
MITRE ATT&CK: TA0003:T1556

Description

AlphaSOC detected the generation of Amazon SageMaker presigned URLs. These URLs grant direct access to SageMaker resources without requiring authentication, creating a potential vector for unauthorized access to machine learning models and data.

Impact

Adversaries can use presigned URLs to access SageMaker endpoints, notebooks, and training data without authentication. This access enables data theft, model manipulation, and resource abuse. Compromised models can lead to incorrect predictions, data poisoning, and increased compute costs.

Severity

| Severity | Condition |
| --- | --- |
| Informational | Unexpected action, ASN, user agent, or region |
| Low | Two unexpected properties at the same time |
| Medium | Three unexpected properties at the same time |

Investigation and Remediation

Review CloudTrail logs to identify the IAM principal that generated the presigned URL. Verify if the URL creation aligns with approved business processes. Revoke active presigned URLs through IAM policy updates. Monitor SageMaker access patterns for any unexpected activity.
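The following added example (not AlphaSOC's detection code) shows one way to triage CloudTrail records along these lines: it picks out SageMaker presigned URL calls, names the IAM principal, and counts unexpected properties using the severity table above. The baseline, the IP-to-ASN table, the account ID and the sample records are constructed, and capping four unexpected properties at Medium is an assumption.

```python
# Two SageMaker API actions that return a presigned URL; extend as needed.
PRESIGN_ACTIONS = {"CreatePresignedDomainUrl", "CreatePresignedNotebookInstanceUrl"}
SEVERITY = {1: "Informational", 2: "Low", 3: "Medium"}
# Constructed IP-to-ASN table; a real pipeline would query an ASN database.
ASN_BY_IP = {"198.51.100.10": 64496, "203.0.113.77": 64511}
USER = "arn:aws:iam::111122223333:user/ml-engineer"  # constructed principal
# Constructed per-principal baseline of previously seen property values.
BASELINE = {USER: {"action": {"CreatePresignedNotebookInstanceUrl"},
                   "asn": {64496},
                   "user_agent": {"aws-cli/2.15.0"},
                   "region": {"eu-west-1"}}}

def triage(record, baseline=BASELINE):
    """Return (principal, unexpected properties, severity), or None if irrelevant."""
    if record.get("eventSource") != "sagemaker.amazonaws.com":
        return None
    if record.get("eventName") not in PRESIGN_ACTIONS:
        return None
    principal = record.get("userIdentity", {}).get("arn", "unknown")
    seen = {"action": record["eventName"],
            "asn": ASN_BY_IP.get(record.get("sourceIPAddress")),
            "user_agent": record.get("userAgent"),
            "region": record.get("awsRegion")}
    known = baseline.get(principal, {})  # unknown principal: everything is new
    unexpected = sorted(k for k, v in seen.items() if v not in known.get(k, set()))
    if not unexpected:
        return principal, unexpected, None
    # Assumption: four unexpected properties stay at the page's top level, Medium.
    return principal, unexpected, SEVERITY[min(len(unexpected), 3)]

def rec(source, name, ip, agent, region):
    """Build a constructed CloudTrail record with only the fields used here."""
    return {"eventSource": source, "eventName": name, "sourceIPAddress": ip,
            "userAgent": agent, "awsRegion": region, "userIdentity": {"arn": USER}}

SM = "sagemaker.amazonaws.com"
SAMPLE = [  # constructed records, not real log data
    rec(SM, "CreatePresignedNotebookInstanceUrl", "198.51.100.10", "aws-cli/2.15.0", "eu-west-1"),
    rec(SM, "CreatePresignedDomainUrl", "203.0.113.77", "aws-cli/2.15.0", "us-east-1"),
    rec("s3.amazonaws.com", "GetObject", "198.51.100.10", "aws-cli/2.15.0", "eu-west-1"),
    rec(SM, "CreatePresignedNotebookInstanceUrl", "198.51.100.10", "aws-cli/2.15.0", "ap-south-1"),
]
RESULTS = [triage(r) for r in SAMPLE]

if __name__ == "__main__":
    for result in RESULTS:
        print(result)
```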