Skip to main content

Entitlement Management Overview

in preview

Entitlement management is currently in preview.

Introduction to the Overview tab

The Overview tab provides a consolidated view of all identity and entitlement metrics.

  • Use the filters or search if you want to display metrics for a subset of entitlements. By default, the tab displays all entitlement metrics from the latest week.
  • Examine the Summary section to view high level information about excessive privileges, long-lived active access keys, user accounts, active/inactive users, and identities coverage.
  • Scroll down to examine additional sections of trend information: high risk, low usage, identity activity, and identity compliance.
  • Click Explore for any chart where you want to examine the data in more detail. For most charts, this opens the Explorer tab filtered to that chart's data. For example, clicking Explore for the Identities with excessive privileges chart opens the Explorer tab filtered by Entitlements used.
    For some charts, clicking Explore opens filtered results on the Alerts page or Cloud compliance page.
  • Use the available detailed information to begin deeper investigation into individual identities.

Summary

The summary provides a high level view of excessive privileges, long-lived access keys, user accounts, active/inactive users, and identities coverage.

To view pre-filtered detailed data for a specific chart, click Explore.

Identities with excessive privileges

This chart helps you gauge how well you are adhering to least privilege access in your environment. You can select a different threshold of unused entitlements from the drop-down menu.

Access keys older than 180 days

The summary defines access keys as long-term credentials for an IAM user or the AWS account root user.

This chart helps you gauge how well you are managing access keys. You can choose to display all access keys or only active or inactive keys.

Total user accounts

This chart shows the trend for the number of total user accounts.

Users

This chart shows the trend for the number of active and inactive users.

Coverage

This chart shows the trend for the number of identities classified as groups and principals.

Trend charts

Trend charts are divided into the following sections:

  • High risk trends
  • Low usage trends
  • Identity activity trends
  • Identity compliance trends

To display a chart's detailed data, filtered specifically for that chart, click Explore.