Excessive Permission

The ACS platform evaluates IAM users and services that are not used, or are rarely used, as having excessive permission. This means the IAM user and service data on the Excessive Permission page is evaluated against certain criteria.

The top of the Excessive Permission page gives the user an overview of:

  • Inactive user

  • Inactive service

  • Overprivileged service identities

  • Overprivileged users

The Excessive Permission page also has 5 filters to narrow the data for a clear and concise view:

  • IAM type filter

  • Severity filter

  • Services filter

  • Label filter

  • Last activity filter

The user can also spot:

  • All the inactive and overprivileged IAM users and roles in the results

  • Their last activity

  • Services used by IAM users and roles

  • Findings for IAM users and roles

Inactive users: An inactive user is an IAM user who did not log in in the past 90 days.

Inactive services: A service is classified as inactive based on its use in the past 90 days.

Overprivileged service identities: An overprivileged service identity is one where the service was never used.

Overprivileged users: Overprivileged users are users who never logged in to the platform.

IAM type filter: The user can view the results of the Excessive Permission page by IAM type. The IAM type filter gives separate views of IAM users and IAM roles.

Severity filter: The user can also view the results of the Excessive Permission page by severity of impact. 4 severity parameters are available on the Excessive Permission page: Critical severity, High severity, Medium severity, and Low severity.

Services filter: An IAM user might use several services in a platform, e.g. Amazon Managed Service for Prometheus, Amazon EC2, Amazon Route 53 Domains, AWS CloudWatch RUM, Amazon Connect Voice ID, etc. So our users can also view the results of the Excessive Permission page by the services used by the IAM user.

Label filter: The label filter allows the user to view the results of the Excessive Permission page by label, e.g. MFA, No MFA, Admin, EC2 elevated permission, 3rd party, etc.

Last activity filter: The last activity filter allows the user to select a date range and view the results that fall within that range.
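The user criteria and the label and last activity filters described above can be reproduced outside the platform as a cross-check. The following is an added example, not ACS code: it assumes "logged in" maps to the `password_last_used` column of an AWS IAM credential report, and the sample rows, `SAMPLE_NOW`, and function names are constructed for illustration.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

INACTIVE_AFTER = timedelta(days=90)  # threshold stated on the page

# Constructed sample using AWS IAM credential report column names (real reports have more).
SAMPLE_REPORT = """\
user,password_last_used,mfa_active
alice,2024-05-20T09:12:00+00:00,true
bob,2023-11-02T17:40:00+00:00,false
carol,no_information,false
dave,2024-01-15T08:30:00+00:00,true
"""
SAMPLE_NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # constructed evaluation time

def parse_time(value):
    """Return an aware datetime; None for 'N/A' or 'no_information'."""
    try:
        return datetime.fromisoformat(value)
    except ValueError:
        return None

def classify(report_csv, now):
    """Return {user: {category, last_login, label}} using the page's user criteria."""
    findings = {}
    for row in csv.DictReader(io.StringIO(report_csv)):
        last_login = parse_time(row["password_last_used"])
        if last_login is None:
            category = "overprivileged"  # never logged in
        elif now - last_login > INACTIVE_AFTER:
            category = "inactive"        # no login in the past 90 days
        else:
            category = "active"
        label = "MFA" if row["mfa_active"] == "true" else "No MFA"
        findings[row["user"]] = {"category": category, "last_login": last_login, "label": label}
    return findings

def filter_findings(findings, label=None, start=None, end=None):
    """Label filter plus last-activity date range; never-seen users match no range."""
    selected = []
    for user, f in findings.items():
        seen = f["last_login"]
        in_range = seen is not None and (not start or seen >= start) and (not end or seen <= end)
        if (not label or f["label"] == label) and (in_range or not (start or end)):
            selected.append(user)
    return sorted(selected)
```

Users who never logged in have no last-activity date, so they drop out of any date-range filter and should be reviewed through the overprivileged category instead.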
