IAM visualization
You can view AWS identity and access management (IAM) relationships.
Sophos Cloud Optix provides an easy-to-use visualization of your AWS identity and access management (IAM) principals, services and resources.
You can see relationships between services and resources such as IAM users, IAM groups, IAM roles, EC2 instances, and Lambda functions. This helps you assess the risks associated with granting access to services.
Use IAM visualization to answer important questions, such as:
- Which EC2 instances and Lambda functions have access to the S3 storage service?
- Which IAM users have access to the EC2 service?
- How do IAM users access a specific service: for example, via group membership, via IAM roles, or directly via inline policies?
- Are any IAM users overprivileged? Do they have access to AWS services that they do not use?
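The access-path question in the list above (group membership, IAM roles, or inline policies) can be worked through on a small data set, as this added example shows; it is not Sophos Cloud Optix code and does not reflect how the product computes its graph. The helper names and the `SNAPSHOT` data are constructed for illustration, and the evaluation is deliberately simplified: inline policies only, with Deny statements, `NotAction`, conditions and managed policies not evaluated.

```python
# Added example: helper names and SNAPSHOT are constructed, not real account output.
# SNAPSHOT field names are a subset of `aws iam get-account-authorization-details`.
def as_list(value):
    return value if isinstance(value, list) else [value]

def pol(name, action):
    stmt = {"Effect": "Allow", "Action": action, "Resource": "*"}
    return {"PolicyName": name, "PolicyDocument": {"Statement": [stmt]}}

ARN = "arn:aws:iam::111122223333:user/"
SNAPSHOT = {
    "UserDetailList": [
        {"UserName": "alice", "Arn": ARN + "alice", "GroupList": ["ops"],
         "UserPolicyList": [pol("s3-read", "s3:GetObject")]},
        {"UserName": "bob", "Arn": ARN + "bob", "GroupList": [], "UserPolicyList": []}],
    "GroupDetailList": [
        {"GroupName": "ops", "GroupPolicyList": [pol("ec2-admin", ["ec2:*"])]}],
    "RoleDetailList": [
        {"RoleName": "deploy", "RolePolicyList": [pol("ec2-deploy", "ec2:RunInstances")],
         "AssumeRolePolicyDocument": {"Statement": [
             {"Effect": "Allow", "Principal": {"AWS": ARN + "bob"}, "Action": "sts:AssumeRole"}]}}],
}

def allowing(policies, service):
    """Inline policies that Allow any `service` action (ignores Deny, NotAction, conditions)."""
    def hit(stmt):
        actions = [a.lower() for a in as_list(stmt.get("Action", []))]
        return stmt.get("Effect") == "Allow" and any(
            a == "*" or a.split(":")[0] == service for a in actions)
    return [p["PolicyName"] for p in policies
            if any(hit(s) for s in as_list(p["PolicyDocument"]["Statement"]))]

def trusts(role, arn):
    # Simplified: only a trust statement that names the user's exact ARN counts.
    return any(s.get("Effect") == "Allow" and isinstance(s.get("Principal"), dict)
               and arn in as_list(s["Principal"].get("AWS", []))
               for s in as_list(role["AssumeRolePolicyDocument"]["Statement"]))

def access_paths(snapshot, service):
    """Map each user to the paths (inline, group, role) that may grant `service`."""
    groups = {g["GroupName"]: g["GroupPolicyList"] for g in snapshot["GroupDetailList"]}
    paths = {}
    for user in snapshot["UserDetailList"]:
        sources = [("inline:", user["UserPolicyList"])]
        sources += [(f"group:{g}/", groups[g]) for g in user["GroupList"]]
        sources += [(f"role:{r['RoleName']}/", r["RolePolicyList"])
                    for r in snapshot["RoleDetailList"] if trusts(r, user["Arn"])]
        paths[user["UserName"]] = [prefix + name for prefix, plist in sources
                                   for name in allowing(plist, service)]
    return paths
```

Pass the service prefix in lower case, for example `access_paths(SNAPSHOT, "ec2")`. A user whose list is empty for every service they actually use, but non-empty for services they do not, is a candidate for the overprivilege review mentioned above.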
To use IAM visualization, do as follows: