When reviewing an identity in the identity explorer, you can export all entitlements tied to that identity. The export includes additional fields, one of which is the policy that each action is part of, along with the role/user it is attached to.
To export an entitlements list as a CSV, follow these steps:
- Navigate to Identities > Explore: Identities and select the identity that you want to investigate.
- Select the Entitlements tab to display all the entitlements that identity has, then select the service you want to export.
- Once the service is selected, click the download icon to download the CSV export, which includes the policy name in column F.
Example CSV Output:
Principal ID | Account ID | Account Alias | Service name | Resource | Policy name | Updated time | Actions | Used | Last Used | Revoked | Condition |
arn:aws:iam::XXXXXXXXXXXX:root | XXXXXXXXXXXX | | ebs | * | policy/test_policy | | {"ebs:*":true} | 0:UNUSED | 0 | 1:UNKNOWN | 0] |
Additionally, if you need the full ARN for a specific AWS IAM policy name in the CSV, use the following AWS CLI command to convert the policy name to an ARN.
aws iam list-policies --query 'Policies[?PolicyName==`<Your-Policy-Name>`].Arn' --output text
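One way to triage the export for least-privilege review, as an added example that is not Lacework's own code: it reads the CSV, reports each policy that grants wildcard actions or is marked 0:UNUSED, and builds the ARN lookup command above for it. It assumes a comma-separated file with the header names shown in the example output; the function names, the second sample row and its "1:USED" value are constructed for illustration.

```python
import csv
import io
import json
import re

# Constructed sample in the export's column layout (assumed comma-separated).
SAMPLE_EXPORT = '''Principal ID,Account ID,Account Alias,Service name,Resource,Policy name,Updated time,Actions,Used,Last Used,Revoked,Condition
arn:aws:iam::XXXXXXXXXXXX:root,XXXXXXXXXXXX,,ebs,*,policy/test_policy,,"{""ebs:*"":true}",0:UNUSED,0,1:UNKNOWN,
arn:aws:iam::XXXXXXXXXXXX:root,XXXXXXXXXXXX,,s3,*,policy/read_logs,,"{""s3:GetObject"":true}",1:USED,0,1:UNKNOWN,
'''

# IAM policy names are limited to these characters; anything else is rejected
# before it is placed inside the JMESPath query.
POLICY_NAME_RE = re.compile(r"[A-Za-z0-9_+=,.@-]{1,128}")

def policy_name(cell):
    """Take the name after the last '/' in column F and validate it."""
    name = cell.rsplit("/", 1)[-1]
    if not POLICY_NAME_RE.fullmatch(name):
        raise ValueError(f"unexpected policy name: {cell!r}")
    return name

def arn_lookup_argv(name):
    """argv for the list-policies lookup; a list avoids shell quoting problems."""
    query = "Policies[?PolicyName==`%s`].Arn" % name
    return ["aws", "iam", "list-policies", "--query", query, "--output", "text"]

def review(export_text):
    """Return one finding per policy that has wildcard or unused actions."""
    findings = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        actions = json.loads(row["Actions"] or "{}")
        wildcard = sorted(a for a, on in actions.items() if on and a.endswith("*"))
        unused = row["Used"].strip() == "0:UNUSED"
        if not (wildcard or unused):
            continue
        name = policy_name(row["Policy name"])
        f = findings.setdefault(name, {
            "principals": set(), "wildcard": set(), "unused": False,
            "lookup": arn_lookup_argv(name),
        })
        f["principals"].add(row["Principal ID"])
        f["wildcard"].update(wildcard)
        f["unused"] = f["unused"] or unused
    return findings

if __name__ == "__main__":
    for name, f in review(SAMPLE_EXPORT).items():
        print(name, sorted(f["wildcard"]), "unused" if f["unused"] else "used")
        print("  " + " ".join(f["lookup"]))
```

Pass the returned `lookup` list to `subprocess.run` on a host with AWS CLI credentials to resolve each flagged policy to its ARN.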
Agent: N/A
Platform: Using Lacework/Operationalizing
Cloud: AWS