View data about the activity in your authorization system

Important

CloudKnox Permissions Management (CloudKnox) is currently in PREVIEW. Some information relates to a prerelease product that may be substantially modified before it's released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

The CloudKnox Permissions Management (CloudKnox) Dashboard provides an overview of the authorization system and account activity being monitored. You can use this dashboard to view data collected from your Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) authorization systems.

View data about your authorization system

  1. On the CloudKnox home page, select Dashboard.

  2. From the Authorization systems type dropdown, select AWS, Azure, or GCP.

  3. Select the Authorization System box to display a List of accounts and Folders available to you.

  4. Select the accounts and folders you want, and then select Apply.

    The Permission Creep Index (PCI) chart updates to display information about the accounts and folders you selected. The number of days since the information was last updated displays in the upper right corner.

  5. In the Permission Creep Index (PCI) graph, select a bubble.

    The bubble displays the number of identities that are considered high-risk.

    High-risk refers to the number of users who have permissions that exceed their normal or required usage.

  6. Select the box to display detailed information about the identities contributing to the Low PCI, Medium PCI, and High PCI.

  7. The Highest PCI change displays the authorization system name with the PCI number and the change number for the last seven days, if applicable.

    • To view all the changes and PCI ratings in your authorization system, select View all.

  8. To return to the PCI graph, select the Graph icon in the upper right of the list box.

For more information about the CloudKnox Dashboard, see View key statistics and data about your authorization system.

View user data on the PCI heat map

The Permission Creep Index (PCI) heat map shows the incurred risk of users with access to high-risk privileges. The distribution graph displays all the users who contribute to the privilege creep. It displays how many users contribute to a particular score. For example, if the score from the PCI chart is 14, the graph shows how many users have a score of 14.

  • To view detailed data about a user, select the number.

    The PCI trend graph shows you the historical trend of the PCI score over the last 90 days.

  • To download the PCI History report, select Download (the down arrow icon).

To view specific information about the following, select the number displayed on the heat map.

  • Users: Displays the total number of users and how many fall into the high, medium, and low categories.
  • Roles: Displays the total number of roles and how many fall into the high, medium, and low categories.
  • Resources: Displays the total number of resources and how many fall into the high, medium, and low categories.
  • PCI trend: Displays a line graph of the PCI trend over the last several weeks.

View identity findings

The Identity section below the heat map on the left side of the page shows all the relevant findings about identities, including roles that can access secret information, roles that are inactive, over-provisioned active roles, and so on.

  • To expand the full list of identity findings, select All findings.

View resource findings

The Resource section below the heat map on the right side of the page shows all the relevant findings about your resources. It includes unencrypted S3 buckets, open security groups, managed keys, and so on.
