Comment on page
📓
Assessment Terminology
This page is a guide to the terminology P0 uses within the IAM Assessment feature.
- Assessment - A continuously scheduled collection and analysis of an IAM configuration for a set of services and their components
- Detection - A match for a monitor query on a single assessment job
- Finding - An evolving history of detections for a single query match, across multiple assessment jobs; findings also have a status and you may attach notes to a finding; statuses are:
- Open - The finding has been detected in the latest job
- Ignored - The finding has been manually ignored by an assessment owner
- Resolved - The finding was not detected in the latest job
- Job - A single data collection and analysis run for an assessment
- Monitor - A query that will run automatically on every assessment job; it also includes a description, severity, and any suggested remediation actions
- Query - A search of an assessment job's data for a specific set of terms; a query is composed of a "show" part (describing what element of the IAM configuration to return) and a "where" part (describing conditions that the shown elements must match)
- Query Result - A single match for a query; a query may return 0 or more results