> For the complete documentation index, see [llms.txt](https://docs.forestall.io/fsprotect/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.forestall.io/fsprotect/dashboard/aws-dashboard.md).

# AWS Dashboard

Dashboard provides a general and holistic view of security posture about scanned AWS environments based on different perspectives.

### **Risk Pane (AWS Dashboard)**

This Risk Pane summarizes key risk metrics from the scan, including the overall Risk and Exposure Scores, Dangerous Paths, Shadow Admins, and severity levels (Critical to Info). It breaks down risks by MITRE ATT\&CK Tactics (e.g., Persistence, Privilege Escalation, Initial Access), Tags (e.g., Identity Governance, Account Security, Access Management), Impacts (e.g., Privilege Escalation via Policy Manipulation, Shadow Admin via Dangerous Permissions, Credential Exposure), and AWS Entity Types (e.g., AWSIAMUser, AWSIAMRole, AWSIAMGroup, AWSIAMPolicy, AWSIAMAccount, AWSOrganization). This layout helps quickly identify high-risk areas and prioritize remediation actions within AWS environments.

<figure><img src="/files/5unPI7BlYOa05gZLsuSL" alt="Risk Pane"><figcaption><p>Risk Pane</p></figcaption></figure>

### Risk Breakdown by Tags, Impacts and Entity Types

<figure><img src="/files/b1oqZAPf3Bq2mpACW6Iw" alt=""><figcaption><p>Risk Breakdown by Tags, Impacts and Entity Types</p></figcaption></figure>

**Risk Breakdown by Tags:** Risk scores based on Tags.

**Risk Breakdown by Impacts:** Risk scores based on Impacts.

**Risk Breakdown by Entity Types:** Risk scores based on Entity Types.

<figure><img src="/files/j4kNwWOAJfUGYWZic20L" alt=""><figcaption><p>AWS Entity Pane</p></figcaption></figure>

### **Users Table**

| Statistic        | Description                                                         |
| ---------------- | ------------------------------------------------------------------- |
| Privileged Users | The number of inactive user accounts.                               |
| Shadow Users     | The number of shadow admin user accounts.                           |
| Risky Users      | The number of user accounts that have a risk score greater than 50. |
| Inactive Users   | The number of inactive user accounts.                               |

### **Groups Table**

| Statistic        | Description                                                  |
| ---------------- | ------------------------------------------------------------ |
| Shadow Groups    | The number of shadow admin groups.                           |
| **Risky Groups** | The number of groups that have a risk score greater than 50. |

### **Roles Table**

| Statistic        | Description                                                 |
| ---------------- | ----------------------------------------------------------- |
| Privileged Roles | The number of privileged roles.                             |
| Shadow Roles     | The number of shadow admin roles.                           |
| Risky Roles      | The number of roles that have a risk score greater than 50. |
| Inactive Roles   | The number of inactive roles.                               |

### **Policies Table**

| Statistic      | Description                                                    |
| -------------- | -------------------------------------------------------------- |
| Risky Policies | The number of policies that have a risk score greater than 50. |

### **Access Keys Table**

| Statistic            | Description                         |
| -------------------- | ----------------------------------- |
| Inactive Access Keys | The number of inactive access keys. |


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.forestall.io/fsprotect/dashboard/aws-dashboard.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.