IAM Query Examples
Learn how to use the
config from iam where
query
to find risky or extra permissions assigned to cloud entities or users.A list of
config from iam where
query
examples for IAM AWS and IAM Azure.IAM AWS Examples
DESCRIPTION | RQL |
---|---|
Find all effective permissions of a specific IAM
user |
|
Find all permissions that were granted by the
role my-role |
|
Find all identities that can invoke the lambda
function my-function |
|
Find permissions granted by the Lambda function
itself |
|
Find all public access to S3 buckets in
the AWS Virginia region |
|
Find all permissions that allows action
on all resource (using ‘*’) |
|
IAM Azure Examples
DESCRIPTION | RQL |
---|---|
Find all effective permissions of the Azure AD
user my-user |
|
Find all permissions that were granted by the
custom role my-role |
|
Find all identities that can invoke the storage
account my-storage account |
|
Find all identities with the Microsoft.KeyVault/vaults/write permission
that haven’t used this permission for more than 10 days |
|
Recommended For You
Recommended Videos
Recommended videos not found.