CloudGuard Dome9 Help

IAM Reports


The IAM report gives you a dashboard view of the Dome9 IAM users for your cloud accounts. This shows summary statistics for these users, including the number using MFA, the rate of password or access key rotation, and use of IAM Safety leases.

IAM-Reports-dashboard.png

Hover on one of the summaries for the details (the numbers), and click it to open a detailed report in the Policy or Credential report pages.

Two additional reports can be reached from the dashboard:

  • the IAM Policy Report 
  • the Credentials Report

IAM Policy Report

This shows the IAM policies that have been defined in your cloud accounts. These policies grant permissions to these users, so this view shows you which permissions have been granted. IAM policies grant permissions to either IAM users or roles (which are then assumed by users). The view shows the specific cloud service (such as EC2, RDS, etc) affected by the policy, and the IAM entity (user or role) granted the permission.

IAM-Reports-Policy.png

You can filter the view for specific values in any of the columns.

Click FILTERS to save a set of filter settings to use again.

Click the GROUP BY button to aggregate entries into groups.

Click EXPORT TO CSV (in the upper right) to export the details as a file.

Credentials report

This report shows details for the IAM user accounts on your cloud account, including whether the user is enabled for IAM Safety access, whether MFA is enabled, and the date the password was last changed.

You can filter the view for any of the columns.

Click FILTERS to save a set of filter settings to use again.

Click the GROUP BY button to aggregate entries into groups.

Click EXPORT TO CSV (in the upper right) to export the details as a file.

IAM-Reports-Credentials.png