AWS Console Session Traceability: How Attackers Obfuscate Identity Through the AWS Console
Attackers can take advantage of a quirk of the default AWS configuration (without SourceIdentity configured) to potentially make detecting and attributing their actions more difficult.