🔬Result Details

Credential

Identity

The identity accessed via this credential

Last used

The most recent date that this credential was used

Last rotated

When this credential was created

Entitlements

All entitlements that can be used for access via this credential

Risks

Access risks reachable from this credentiall, and the privileges that expose those risks

Entitlement

Principal

The principal identity that is assigned this entitlement

Role | Policy

The name of the granted role (for non-AWS systems) or policy (for AWS)

Condition

(GCP role bindings only) this role binding's access condition

Resource

The resource(s) to which this entitlement grants direct access

Risks

Reachable IAM risks for this entitlement, broken down by whether the privilege(s) that yield the risk are used or not within the previous 90 days

Accessible by

The identities that can use this entitlement, including via federation, group membership, or lateral movement

Identity

Parent

The resource in which the identity is defined (e.g. AWS account, Azure subscription, GCP project, etc.)

Last Used

The last time this identity authenticated with its identity provider

Accessible by

(Federation identities only) the identities that can gain access to your system via this federation identity

Members

(Groups only) this group's direct and indirect members

MFA

(Users only) whether two-factor authentication is required for this user

Entitlements

A link to view all of the identity's entitlements

Risks

Access risks reachable from this identity, and the privileges that expose those risks

Resource

Parent

This resource's parent resource in the system's resource hierarchy (e.g. a database table's parent resource will be its enclosing database schema); top-level resources have the service as their parent

Children

A list of all this resource's child resources (e.g. a database schema will have all its tables, indices, views, etc. as children)

Accessible by

All identities that have direct access to this resource