Using the Cloud Entitlement Dashboard, get a detailed view of the identified risks in your AWS account by clicking the relevant dashboard blocks. The dashboard automatically identifies over-privileged entities based on actual use and recommends the right privileges.
Step 1: Access Cloud Entitlements
After you log in, select Cloud Security from the landing page. Next, click the App Launcher (at the top of the page) and choose CIEM (Cloud Infrastructure Entitlement Management).
Step 2: Get an Overview of the Inactive Users, Roles, and Over-Privileged Entities
View the count of:
- IAM (Identity Access Management) Users who have not been active and pose a security risk. Unused or excessive permissions can lead to privilege escalation or account compromise.
- Groups having excessive permissions in the associated cloud service
- Policies attached to an identity (Users, User Groups, or Roles) that grant more permissions than needed
- Inactive IAM (Identity Access Management) Roles in your AWS account; their number may grow over time as roles become unused or obsolete
- Critical Activity Logs that determine which permissions were in use
- A consolidated list of available Users, Groups, and Roles from All Findings
Step 3: View the Detailed Statistics of Every Entity
Click an entity in any of the sections to get a detailed summary of:
- The User and their associated AWS permissions. Key details include: User Information with Name, ID, ARN, Created date, Last accessed date, Inline policies, Managed policies, User groups, and High privilege policies
- Policy details with Name, Association link to the user, ARN, Services, Resources, and Effect (allow or deny access to users)
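The checks behind Step 2 (inactive identities, policies that allow more than is actually used) and the per-policy summary of Step 3 (Services, Resources, Effect) can be reproduced offline against IAM policy documents and activity records. The script below is an added example, not part of this documentation or of the CIEM product; the account ID, identity names, policies and CloudTrail-style activity records are constructed sample data, and the 90-day inactivity threshold is an assumption. It flags identities with no recent activity, lists allowed action patterns that no observed action ever matched, and derives a right-sized Allow statement from the actions that were actually used while keeping every Deny statement intact.

```python
import json
from datetime import datetime, timedelta, timezone
from fnmatch import fnmatchcase

INACTIVE_AFTER = timedelta(days=90)          # assumed inactivity threshold
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed "now" so the run is reproducible

# Constructed sample identities (hypothetical account 111122223333), with
# the inline policies attached to each one.
IDENTITIES = [
    {"name": "ci-deployer", "type": "User",
     "arn": "arn:aws:iam::111122223333:user/ci-deployer",
     "last_accessed": "2024-05-30T10:00:00Z",
     "policies": {"deploy-policy": {
         "Version": "2012-10-17",
         "Statement": [
             {"Effect": "Allow",
              "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteBucket", "iam:*"],
              "Resource": ["arn:aws:s3:::app-bucket/*", "*"]},
             {"Effect": "Deny", "Action": "s3:DeleteBucket",
              "Resource": "arn:aws:s3:::prod-logs"}]}}},
    {"name": "legacy-backup", "type": "Role",
     "arn": "arn:aws:iam::111122223333:role/legacy-backup",
     "last_accessed": "2023-11-02T08:15:00Z",
     "policies": {"backup-policy": {
         "Version": "2012-10-17",
         "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}}},
]

# Constructed activity records in a CloudTrail-like shape (eventSource + eventName).
ACTIVITY = [
    {"identity": "ci-deployer", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "eventTime": "2024-05-30T10:00:00Z"},
    {"identity": "ci-deployer", "eventSource": "s3.amazonaws.com",
     "eventName": "PutObject", "eventTime": "2024-05-29T16:20:00Z"},
]


def _parse_ts(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def _as_list(value):
    # IAM allows Action/Resource to be a single string or a list; normalise to a list.
    return value if isinstance(value, list) else [value]


def policy_summary(name, doc):
    """Step 3 style summary: the services, resources and effects a policy touches."""
    services, resources, effects = set(), set(), set()
    for stmt in doc["Statement"]:
        effects.add(stmt["Effect"])
        services.update(a.split(":", 1)[0] for a in _as_list(stmt["Action"]))
        resources.update(_as_list(stmt["Resource"]))
    return {"Name": name, "Services": sorted(services),
            "Resources": sorted(resources), "Effect": sorted(effects)}


def allowed_actions(doc):
    """All action patterns granted by Allow statements (wildcards kept as-is)."""
    return {a for s in doc["Statement"] if s["Effect"] == "Allow"
            for a in _as_list(s["Action"])}


def used_actions(activity, identity_name):
    """'service:Action' strings derived from the identity's activity records."""
    return {f"{r['eventSource'].split('.', 1)[0]}:{r['eventName']}"
            for r in activity if r["identity"] == identity_name}


def unused_allowed(doc, used):
    """Allowed patterns that no observed action matches (IAM actions are case-insensitive)."""
    used_lc = {u.lower() for u in used}
    return {p for p in allowed_actions(doc)
            if not any(fnmatchcase(u, p.lower()) for u in used_lc)}


def is_inactive(identity, now=NOW):
    return now - _parse_ts(identity["last_accessed"]) > INACTIVE_AFTER


def recommend_policy(doc, used):
    """Right-sized policy: narrow each Allow statement to the actions actually used, keep Deny."""
    statements = []
    for stmt in doc["Statement"]:
        if stmt["Effect"] == "Deny":
            statements.append(stmt)
            continue
        patterns = [p.lower() for p in _as_list(stmt["Action"])]
        keep = sorted(u for u in used if any(fnmatchcase(u.lower(), p) for p in patterns))
        if keep:  # drop Allow statements none of whose actions were ever used
            statements.append({"Effect": "Allow", "Action": keep, "Resource": stmt["Resource"]})
    return {"Version": doc.get("Version", "2012-10-17"), "Statement": statements}


def assess(identities, activity, now=NOW):
    """Dashboard-style findings: inactive identities and over-privileged policies."""
    report = {"inactive": [], "over_privileged": {}}
    for ident in identities:
        if is_inactive(ident, now):
            report["inactive"].append(ident["name"])
        used = used_actions(activity, ident["name"])
        for pname, doc in ident["policies"].items():
            unused = unused_allowed(doc, used)
            if unused:
                report["over_privileged"][f"{ident['name']}/{pname}"] = sorted(unused)
    return report


if __name__ == "__main__":
    print(json.dumps(assess(IDENTITIES, ACTIVITY), indent=2))
    deploy = IDENTITIES[0]["policies"]["deploy-policy"]
    print(json.dumps(policy_summary("deploy-policy", deploy), indent=2))
    print(json.dumps(recommend_policy(deploy, used_actions(ACTIVITY, "ci-deployer")), indent=2))
```

Two caveats apply when reading the output. The recommended policy narrows Actions only; it copies each statement's Resource list unchanged, so a wildcard `*` resource still has to be reviewed by hand. And an identity with no activity at all (the `legacy-backup` role here) shows every allowed action as unused, which is the expected signal for an obsolete role rather than evidence that its permissions are wrong in principle.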
Step 4: Examine Permissions with Details Map
Examine the permissions mapped to an identity by looking into the details map.
See Also