Remediate Excessive Permissions using CloudDefense.ai:
Top of the excessive permission page give user a over view of
- Inactive user
- Inactive service
- Over privileged service identities
- Over privileged users
Excessive permission also have 5 filters to filter the data for clear and concise view
- IAM type filter
- Severity filter
- Services filter
- Label filter
- Last activity filter
The user can also spot
- All the inactive and overprivileged IAM users and roles in result
- Their last activity
- Service used by IAM users and role
- Findings for IAM users and role
Inactive users: Inactive user is like a IAM user who did not login in past 90 days
Inactive services: Inactive services is the service is use in past 90 days
Overprivileged service identities: Overprvileged service identities is like the service was never being used.
Overprivileged users: Overprivileged users who never logged in the platform
IAM type filter: The user can spot the result of the excessive permission page by IAM type. Users can have a separate view of IAM user and IAM roles by IAM type filter
Severity filter: The user can spot the result of the excessive permission page by the impact of severity as well. 4 severity parameters are available on the excessive permission page e.g. Critical severity, High severity, Medium severity, and low severity.
Services filter: A IAM user might take several services in a platform e.g.Amazon Managed Service for Prometheus, Amazon EC2, Amazon Route 53 Domains, AWS CloudWatch RUM, Amazon Connect Voice ID, etc. So our users can also see the result of excessive permission page by service taken by the IAM user.
Label filter: Label filter allows the user to spot the result of the excessive permission page by its label e.g. MFA, No MFA, Admin, EC2 elevated permission, 3rd party, etc.
Last activity filter: Last activity filter allows the user to select a date range and spot the result within the date range.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article