rpCheckup - AWS resource policy report
Account snapshot:
Report generated:
Organization:
Account ID:
| # | ARN | Service | Resource | Access Allows | In-Org Accounts | External Accounts |
|---|---|---|---|---|---|---|
| 1 | arn:aws:ec2:us-east-1:1234512345:image/ami-048d3c05a67a44f6e | ec2 | Image | External Accounts | <NONE> | 111111 (1) |
| 2 | arn:aws:ec2:us-east-1:1234512345:snapshot/snap-018137201c2d17347 | ec2 | Snapshot | External Accounts | <NONE> | 111111 (1) |
| 3 | arn:aws:ec2:us-east-1:1234512345:snapshot/snap-07deeacbc6af3fdd7 | ec2 | Snapshot | External Accounts | <NONE> | 111111 (1) |
| 4 | arn:aws:ecr:us-east-1:1234512345:repository/test-resource-exposure | ecr | Repository | External Accounts | <NONE> | 111111 (1) |
| 5 | arn:aws:elasticfilesystem:us-east-1:1234512345:file-system/fs-c4141b33 | efs | FileSystem | External Accounts | <NONE> | 111111 (1) |
| 6 | arn:aws:glacier:us-east-1:1234512345:vaults/test-resource-exposure | glacier | Vault | External Accounts | <NONE> | 111111 (1) |
| 7 | arn:aws:iam::1234512345:role/GoldFigOrgAccessToAccount | iam | Role | External Accounts | <NONE> | 111111, 222222 (2) |
| 8 | arn:aws:iam::1234512345:role/test-resource-exposure | iam | Role | External Accounts | <NONE> | 111111 (1) |
| 9 | arn:aws:iam::1234512345:role/test-resource-exposure-lambda | iam | Role | External Accounts | <NONE> | 111111 (1) |
| 10 | arn:aws:lambda:us-east-1:1234512345:function:test-resource-exposure | lambda | Function | External Accounts | <NONE> | 111111 (1) |
| 11 | arn:aws:rds:us-east-1:1234512345:snapshot:test-resource-exposure | rds | DBSnapshot | External Accounts | <NONE> | 111111 (1) |
| 12 | arn:aws:s3:::rpcheckup.example.com | s3 | Bucket | External Accounts | <NONE> | 111111 (1) |
| 13 | arn:aws:s3:::test-resource-exposure-vozajksyfjtcmgks | s3 | Bucket | External Accounts | <NONE> | 111111 (1) |
| 14 | arn:aws:ses:us-east-1:1234512345:identity:test-resource-exposure.com | ses | Identity | External Accounts | <NONE> | 111111 (1) |
| 15 | arn:aws:sns:us-east-1:1234512345:test-resource-exposure | sns | Topic | External Accounts | <NONE> | 111111 (1) |
| 16 | arn:aws:sqs:us-east-1:1234512345:test-resource-exposure | sqs | Queue | External Accounts | <NONE> | 111111 (1) |
Notes
- This report ignores resources that can, but currently don't, have resource policies. That means many resources that are created and managed only by IAM policies will not show up here. This report is intended to cover only the places where a resource policy has been put in place.
- If the account you are scanning is not the master account in an Organization, other accounts in the Organization may be detected as external accounts. This is because non-master accounts may not have access to see the organization structure.
goldfiglabs/rpCheckup v0.0.2
Made by Gold Fig Labs