P0 App Documentation
Sign up for FreeSandbox
  • What Is P0?
    • πŸŽ›οΈIAM Dashboard
    • πŸ”ŽAccess Inventory
    • πŸͺ‘IAM Posture
    • ⏱️Just-In-Time Access
    • ♻️Service-Account Key Rotation
  • Getting Started
    • ⬇️Quick Start
    • 🎁Share P0 With Your Team
  • INVENTORY
    • πŸ—ΊοΈAccess Inventory
    • πŸ”¬Result Details
    • ❔Query Search
      • πŸ“–Search Reference
  • Posture
    • βš–οΈPosture Overview
  • Monitor Results
  • πŸ€”Finding Details
  • ORCHESTRATION
    • ⏰Just-in-time access
      • πŸ–οΈRequesting Access
        • πŸ‘‰For Another Party
      • 🏁Approving Access
        • Pre-approving Access
      • πŸ”€Request Routing
        • Google Cloud Filtering
        • AWS Filtering
  • Environments
    • ☁️Creating an Environment
    • πŸ““Environment Terminology
    • βš™οΈSettings
  • Integrations
    • πŸ“žNotifier integrations
      • πŸ’¬Slack
      • πŸ‘¬Microsoft Teams
      • πŸ“£Custom Notifier
    • πŸ”‘Resource integrations
      • ☁️Google Cloud
        • Requesting Access
        • Permissions Reference
          • Cloud Storage
          • Compute Engine
      • πŸ“¦AWS
        • Requesting Access
      • ☸️Kubernetes
        • Requesting Access
        • Advanced Requests
      • πŸ”‹PostgreSQL
        • Requesting Access
      • ❄️Snowflake
      • πŸ–₯️SSH
      • GitHub
        • Requesting Access
      • πŸ› οΈCustom Resource
    • πŸ‘₯Directory integrations
      • Microsoft Entra ID
        • Requesting Access
      • Google Workspace
      • Integrate P0 with Okta
    • βœ”οΈApproval integrations
      • πŸ””PagerDuty
    • πŸ”ŒSIEM Integrations
      • Splunk HEC Setup
  • P0 Management
    • 🎩Role-Based Access Control
Powered by GitBook
On this page
  • Query path
  • Result information
  1. INVENTORY

Result Details

PreviousAccess InventoryNextQuery Search

Last updated 9 days ago

Clicking on a query result will open a drawer with that result's details. Details looks like this:

Query path

At the top of the details you'll see a graph visualization of why this result matches your query. For instance, if you select an identity with risk:exfiltration as your search, you'll see the entitlements and privileges that lead to data-exfiltration risks.

Result information

The top of the page shows detailed information for the result. The information displayed depends on the result type.

Credential

Identity

The identity accessed via this credential

Last used

The most recent date that this credential was used

Last rotated

When this credential was created

Entitlements

All entitlements that can be used for access via this credential

Risks

Access risks reachable from this credentiall, and the privileges that expose those risks

Entitlement

Principal

The principal identity that is assigned this entitlement

Role | Policy

The name of the granted role (for non-AWS systems) or policy (for AWS)

Condition

(GCP role bindings only) this role binding's access condition

Resource

The resource(s) to which this entitlement grants direct access

Risks

Reachable IAM risks for this entitlement, broken down by whether the privilege(s) that yield the risk are used or not within the previous 90 days

Accessible by

The identities that can use this entitlement, including via federation, group membership, or lateral movement

Identity

Parent

The resource in which the identity is defined (e.g. AWS account, Azure subscription, GCP project, etc.)

Last Used

The last time this identity authenticated with its identity provider

Accessible by

(Federation identities only) the identities that can gain access to your system via this federation identity

Members

(Groups only) this group's direct and indirect members

MFA

(Users only) whether two-factor authentication is required for this user

Entitlements

A link to view all of the identity's entitlements

Risks

Access risks reachable from this identity, and the privileges that expose those risks

Resource

Parent

This resource's parent resource in the system's resource hierarchy (e.g. a database table's parent resource will be its enclosing database schema); top-level resources have the service as their parent

Children

A list of all this resource's child resources (e.g. a database schema will have all its tables, indices, views, etc. as children)

Accessible by

All identities that have direct access to this resource

πŸ”¬