> For the complete documentation index, see [llms.txt](https://docs.forestall.io/fsprotect/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.forestall.io/fsprotect/aws-identities/groups.md).
# Groups
**Groups**
The Groups page provides a list of enumerated IAM groups in the entire AWS environment. The list contains the Member Count, Tier 0, Shadow, Risk Score, Exposure Point and Issue Counts.
Groups
***
**Group Details**
Details page contains the Risk Score of the group, Exposure Point, Information and Issues panes.
You can analyze objects in the Graph module by clicking the Visualize button on the upper left side of the Information Pane.
Group Details
***
**Information**
Information Pane can contain different badges to highlight important attributes.
| Badge | Description |
| ------------ | ------------------------------------------------------------------------------------- |
| Tier | Indicates that the object tier according to risk score and importance. |
| Shadow Admin | Indicates that the object can compromise admin objects with at least one attack path. |
Information Pane contains Details, Users and Policies tabs.
***
**Details**
Details tab contains attributes below about the IAM group object.
| Attribute | Description |
| ------------ | --------------------------------------------------------------------------- |
| Group Name | The name of the IAM group, used for identification within AWS. |
| Group ID | The unique identifier assigned to the IAM group by AWS. |
| ARN | The Amazon Resource Name that uniquely identifies the IAM group across AWS. |
| Account ID | The AWS account ID that the IAM group belongs to. |
| Path | The path associated with the IAM group, used for organizational grouping. |
| Member Count | The number of IAM users that are members of this group. |
| Created | The date and time when the IAM group was created. |
| Object ID | The unique identifier of the group object, equivalent to the IAM Group ID. |
***
**Users**
Users tab contains a list of IAM users that are members of the group.
Users
***
**Policies**
Policies tab contains a list of IAM policies attached to the group, including both managed and inline policies. This list also contains columns such as AWS Managed and Grants Admin Privileges to identify the scope and risk level of each policy.
Policies
***
**Issues**
Issues pane contains identified security issues on the IAM group object.
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:
```
GET https://docs.forestall.io/fsprotect/aws-identities/groups.md?ask=&goal=
```
`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.