A security company is using Amazon Bedrock to run foundation models (FMs).

AWS CloudTrail is a service that enables governance, compliance, and operational and risk auditing of your AWS account. It tracks API calls and identifies unauthorized access attempts to AWS resources, including Amazon Bedrock.

AWS CloudTrail:

Provides detailed logs of all API calls made within an AWS account, including those to Amazon Bedrock.

Can identify unauthorized access attempts by logging and monitoring the API calls, which helps in setting appropriate IAM policies and roles.

Why Option B is Correct:

Monitoring and Security: CloudTrail logs all access requests and helps detect unauthorized access attempts.

Auditing and Compliance: The logs can be used to audit user activity and enforce security measures.

Why Other Options are Incorrect:

A. AWS Audit Manager: Used for automating audit preparation, not for tracking real-time unauthorized access attempts.

C. Amazon Fraud Detector: Designed to detect fraudulent online activities, not unauthorized access to AWS services.

D. AWS Trusted Advisor: Provides best practice recommendations for AWS resources, not access monitoring.

Thus, B is the correct answer for identifying unauthorized users attempting to access Amazon Bedrock.