| Time | Source | Dest FQDN (TLS SNI) | Action | Match rule |
|---|---|---|---|---|
| 16:42:18 | 10.0.4.137 (agent-1b) | api.salesforce.com | alert | sor-allowlist |
| 16:38:51 | 10.0.0.42 (agent-1a) | api.salesforce.com | alert | sor-allowlist |
| 16:35:09 | 10.0.4.137 (agent-1b) | api.monday.com | alert | sor-allowlist |
| 15:22:34 | 10.0.8.91 (agent-1c) | api.gitbook.com | alert | sor-allowlist |
Yesterday the AI platform processed 1,247 agent invocations across 2 active tiers, returning 542k output tokens at a measured cost of $4.31. Activity was steady through the day with a peak around 14:00 ET coinciding with weekly Sales report generation.
Three notable events: (1) one NFW alert fired against api.example-test.com at 11:34, investigated and confirmed as a the external developer integration test from a documented sandbox flow; (2) GuardDuty reported one Low-severity finding regarding console-MFA-disabled, which applies to AWS Identity Center and is by design (Identity Center handles MFA at its layer, not at the AWS console layer); (3) the daily backup of the agent state table completed in 11 seconds. No PII workflows were exercised. No deploys.
| Time | Principal | Key |
|---|---|---|
| 16:42:18 | cloudtrail.amazonaws.com | audit CMK |
| 16:38:51 | bedrock.amazonaws.com | agent CMK |
| 16:35:09 | logs.amazonaws.com | audit CMK |
| ✓ Zero agent-role-as-principal entries. PII-blindness holding. | ||
| ↗ Recent failed sign-ins (Cognito) |
| ↗ Agent invocations grouped by tier |
| ↗ Permission boundary denies (last 24h) |
| ↗ NFW alert frequency by destination |
| ↗ All KMS Decrypt + Encrypt by principal |
| ↗ DDB writes to lockbox table (should be 0 in Phase 1) |