AWS IAM Role
AWS IAM Role Fields
| Field | Type | Operators | Description |
| --- | --- | --- | --- |
| Guid | TEXT | LIKE, NOT_LIKE, EQUAL, NOT_EQUAL, IS_EMPTY | A unique identifier that is a combination of the GUID of the selected Scan and the AWS IAM Role's unique ID. |
| FSName | TEXT | LIKE, NOT_LIKE, EQUAL, NOT_EQUAL, IS_EMPTY | A special unique identifier that is a combination of the RoleName and the AWS Account ID. |
| Arn | TEXT | LIKE, NOT_LIKE, EQUAL, NOT_EQUAL, IS_EMPTY | Amazon Resource Name that uniquely identifies this IAM role across all of AWS. |
| AccountId | TEXT | LIKE, NOT_LIKE, EQUAL, NOT_EQUAL, IS_EMPTY | The AWS account ID that this IAM role belongs to. |
| Region | TEXT | LIKE, NOT_LIKE, EQUAL, NOT_EQUAL, IS_EMPTY | The AWS region associated with this IAM role. |
| OrganizationId | TEXT | LIKE, NOT_LIKE, EQUAL, NOT_EQUAL, IS_EMPTY | The AWS Organizations ID that this role's account belongs to. |
| RoleName | TEXT | LIKE, NOT_LIKE, EQUAL, NOT_EQUAL, IS_EMPTY | The friendly name that identifies the IAM role. |
| Description | TEXT | LIKE, NOT_LIKE, EQUAL, NOT_EQUAL, IS_EMPTY | A description of the role provided by the administrator. |
| Path | TEXT | LIKE, NOT_LIKE, EQUAL, NOT_EQUAL, IS_EMPTY | The path to the role in the IAM hierarchy. Used to organize roles. |
| PermissionsBoundary | TEXT | LIKE, NOT_LIKE, EQUAL, NOT_EQUAL, IS_EMPTY | The ARN of the policy used to set the permissions boundary for the role. Limits the maximum permissions the role can have. |
| MaxSessionDuration | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | The maximum session duration (in seconds) for the role. Valid values are between 3600 and 43200. |
| IsPrivileged | BOOLEAN | N/A | Indicates whether the role has been identified as privileged based on its effective permissions. |
| IsServiceLinkedRole | BOOLEAN | N/A | Indicates whether this is an AWS service-linked role. These roles are pre-defined by AWS services and cannot be manually modified. |
| IsStealth | BOOLEAN | N/A | Indicates that the role can compromise admin objects with at least one attack path without being an explicit admin role. |
| IsInactive | BOOLEAN | N/A | Indicates whether the role has not been used for longer than the defined inactivity threshold. |
| AWSTier | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | Privilege tier of the role based on its effective permissions. Higher values indicate greater privilege. |
| CreateDate | DATE | SMALLER, LARGER, BETWEEN, EQUAL | The date and time when the IAM role was created. |
| RoleLastUsed | DATE | SMALLER, LARGER, BETWEEN, EQUAL | The date and time when the role was last used to make an AWS API call. |
| ExposurePoint | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | A numerical value indicating the level of exposure based on how many other entities can reach this role through attack paths. |
| risk | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | The risk score of the role calculated based on vulnerability counts and severities. |