Untangle the Relationships in Your Cloud Infrastructure

What is Untangling Relationships All About?

Saner Cloud helps you make sense of your AWS environment by mapping out the complex relationships between Users, Groups, Policies, and Roles.

It presents an interactive tree view (the Details Map) that visually connects identities to the policies, permissions, services, and resources they interact with.

Clicking on any node in this Details Map, be it a user, group, policy, or role, instantly presents detailed information in the Policy Details panel. This makes it easy to trace access paths, understand permissions, and identify potential security risks, all in one clean, intuitive interface.

Why it Matters?

  • Quickly identify who has access to what
  • Detect risky wildcard permissions
  • Visualize relationships without the need to sift through JSON files

How Does Saner Cloud Untangle Complex AWS Policy Relationships Using a Visual, Interactive Interface?

Here’s how that happens…

When you select the relevant identity (in this case, “Policies”) from the Saner CIEM dashboard, a policy tree view (the left-hand section) appears with a list of AWS managed policies. The application allows you to search for and select the specific policy you want to visually trace and assess for risk.

The Policy Details graph visually maps out the services and resources impacted by this policy. The graph starts with the policy at the top, indicated as a blue node, which is linked to permissions across services like EC2 and ACM (indicated as purple nodes). These nodes expand into specific actions or resources (green nodes). A wildcard (*) represents the possible values for a scope or a set of actions and is applied based on the principle of least privilege (POLP). Users can always examine the wildcards closely and scope them down as needed.

For example:

Action: “s3:*” denotes all S3 actions (GetObject, DeleteBucket, etc.)

Action: “s3:Delete*” denotes all Delete actions in S3 (DeleteBucket, DeleteObject, etc.)

Resource: “*” denotes all resources

Condition: “*” applies to all conditions

Service: “*” denotes all services in a cloud platform
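
The wildcard scopes listed above can also be checked directly against a policy's JSON. The following Python is an added example, not Saner Cloud's code: it builds a policy-to-service-to-action/resource tree from a policy document and flags wildcard usage in Allow statements. The sample policy, function names, and scope labels are constructed for illustration.

```python
import json

# Constructed sample policy for illustration; not an AWS managed policy.
SAMPLE_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["s3:Delete*"],
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Allow", "Action": "ec2:DescribeInstances", "Resource": "*"},
    {"Effect": "Deny", "Action": "*", "Resource": "*"}
  ]
}""")

def as_list(value):
    # IAM accepts either a single value or a list for these elements.
    return [value] if isinstance(value, (str, dict)) else list(value or [])

def classify_action(action):
    # Map an Action string to (service, wildcard scope or None).
    if action == "*":
        return "*", "all services"
    service, _, name = action.partition(":")
    if name == "*":
        return service, "all actions"
    if "*" in name or "?" in name:
        return service, "action pattern"
    return service, None

def build_tree(policy):
    # service -> {"actions": [...], "resources": [...]} for Allow statements,
    # plus a list of (statement index, action, wildcard scope) findings.
    tree, findings = {}, []
    for idx, stmt in enumerate(as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # wildcard Deny statements restrict access, so skip them
        resources = as_list(stmt.get("Resource"))
        for action in as_list(stmt.get("Action")):
            service, scope = classify_action(action)
            node = tree.setdefault(service, {"actions": [], "resources": []})
            node["actions"].append(action)
            node["resources"] += [r for r in resources if r not in node["resources"]]
            if scope:
                findings.append((idx, action, scope))
            if "*" in resources:
                findings.append((idx, action, "all resources"))
    return tree, findings

if __name__ == "__main__":
    tree, findings = build_tree(SAMPLE_POLICY)
    print(json.dumps(tree, indent=2))
    for idx, action, scope in findings:
        print(f"statement {idx}: {action} -> {scope}")
```

A resource ARN that merely contains `*` (such as the bucket path in the second statement) is not reported as "all resources"; only a bare `*` is.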

In Summary

With just one click, you can visually see which infrastructure elements (resources, services, etc.) are impacted for any identity (Users, Groups, Policies, or Roles) and assess how broad or risky the permissions might be, which is critical for security and compliance.

Go Further

Saner Cloud is a comprehensive solution designed to help organizations effectively manage their cloud operations. Key features of the product include asset exposure, posture management, posture anomaly detection, identity and entitlement management, and remediation management.

Documentation is organized to help you quickly and efficiently find the information you need, whether you’re troubleshooting, learning how to use specific tools, or seeking in-depth knowledge about the product suite.

Discover how Saner CIEM is designed to identify risks across your cloud infrastructure. Schedule your trial today for a more comprehensive experience!