Amazon Web Services (AWS) is well known for its shared responsibility model: AWS is responsible for fixing the flaws in the infrastructure and its customers are responsible for configuring and adequately protecting their own data using access management or other security controls. If an organization does not follow the least privilege principle in AWS or makes a simple misconfiguration, it could lead to a compromise very quickly. AWS offers a variety of resources such as Amazon Elastic Compute Cloud (EC2), Lambda, Amazon Simple Storage Service (S3), API Gateway, and many more. In this blog, we will look at one of the entry points to detect an attack in AWS at the earlier stages.