Result Details
Last updated
Last updated
Clicking on a query result will open a drawer with that result's details. Details looks like this:
At the top of the details you'll see a graph visualization of why this result matches your query. For instance, if you select an identity with risk:exfiltration
as your search, you'll see the entitlements and privileges that lead to data-exfiltration risks.
The top of the page shows detailed information for the result. The information displayed depends on the result type.
Credential
Identity
The identity accessed via this credential
Last used
The most recent date that this credential was used
Last rotated
When this credential was created
Entitlements
All entitlements that can be used for access via this credential
Risks
Access risks reachable from this credentiall, and the privileges that expose those risks
Entitlement
Principal
The principal identity that is assigned this entitlement
Role | Policy
The name of the granted role (for non-AWS systems) or policy (for AWS)
Condition
(GCP role bindings only) this role binding's access condition
Resource
The resource(s) to which this entitlement grants direct access
Risks
Reachable IAM risks for this entitlement, broken down by whether the privilege(s) that yield the risk are used or not within the previous 90 days
Accessible by
The identities that can use this entitlement, including via federation, group membership, or lateral movement
Identity
Parent
The resource in which the identity is defined (e.g. AWS account, Azure subscription, GCP project, etc.)
Last Used
The last time this identity authenticated with its identity provider
Accessible by
(Federation identities only) the identities that can gain access to your system via this federation identity
Members
(Groups only) this group's direct and indirect members
MFA
(Users only) whether two-factor authentication is required for this user
Entitlements
A link to view all of the identity's entitlements
Risks
Access risks reachable from this identity, and the privileges that expose those risks
Resource
Parent
This resource's parent resource in the system's resource hierarchy (e.g. a database table's parent resource will be its enclosing database schema); top-level resources have the service as their parent
Children
A list of all this resource's child resources (e.g. a database schema will have all its tables, indices, views, etc. as children)
Accessible by
All identities that have direct access to this resource