Users

The Users page lists the IAM users enumerated across the entire AWS environment. The list contains the Privileged, Tier, Console Access, MFA Enabled, Risk Score, Exposure Point and Issue Counts columns.

User Details

The Details page contains the user's Risk Score and Exposure Point, along with the Information and Issues panes.

You can analyze objects in the Graph module by clicking the Visualize button on the upper left side of the Information Pane.

Information

The Information Pane can contain different badges to highlight important attributes.

| Badge | Description |
| --- | --- |
| Privileged | Indicates that the object is Privileged. |
| Tier | Indicates the object's tier according to risk score and importance. |
| Console Access | Indicates that the user has AWS Management Console access. |
| Shadow Admin | Indicates that the object can compromise admin objects with at least one attack path. |

The Information Pane contains the Details, Groups, Policies and Access Keys tabs.

Details

The Details tab contains the following attributes of the IAM user object.

| Attribute | Description |
| --- | --- |
| Username | The IAM username used to identify and sign in to AWS services. |
| User ID | The unique identifier assigned to the IAM user by AWS. |
| ARN | The Amazon Resource Name that uniquely identifies the IAM user across AWS. |
| Account ID | The AWS account ID that the IAM user belongs to. |
| Path | The path associated with the IAM user, used for organizational grouping. |
| Region | The AWS region type associated with the account (e.g., Commercial, GovCloud, China). |
| Created | The date and time when the IAM user was created. |
| Password Last Used | The most recent date and time the user signed in using a password; blank if never used. |
| Has Password | Indicates whether the user has a console login password configured. |
| MFA Enabled | Indicates whether multi-factor authentication is enabled for the user. |
| Console Access | Indicates whether the user is allowed to sign in to the AWS Management Console. |
| Permissions Boundary | The managed policy used to set the maximum permissions for the user; blank if not set. |
| Source Tenant | The name of the tenant or configuration source from which the user was scanned. |
| Object ID | The unique identifier of the user object, equivalent to the IAM User ID. |


Groups

The Groups tab lists the IAM groups that the user is a member of. The list also contains group-level details to identify the privilege levels of these groups.

Policies

The Policies tab lists the IAM policies attached to the user, including both managed and inline policies. The list also contains columns such as AWS Managed and Grants Admin Privileges to identify the scope and risk level of each policy.

Access Keys

The Access Keys tab lists the programmatic access keys associated with the user. The list also contains Status and Last Used columns to identify whether the keys are active and recently used.

Issues

The Issues pane lists the security issues identified on the IAM user object.
