awsSecretInformationAccessFinding resource type
Namespace: microsoft.graph
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Represents findings for identities who can access secret information.
Inherits from finding.
The following resources inherit from this resource type:
- secretInformationAccessAwsResourceFinding
- secretInformationAccessAwsRoleFinding
- secretInformationAccessAwsServerlessFunctionFinding
- secretInformationAccessAwsUserFinding
Methods
None.
Properties
| Property | Type | Description |
|---|---|---|
| createdDateTime | DateTimeOffset | Defines when the finding was created. Inherited from finding. |
| id | String | Unique identifier for the finding. Inherited from entity. |
| lastActiveDateTime | DateTimeOffset | A date specifiying when the last time the identity in this Finding accessed a secret store |
| permissionsCreepIndex | permissionsCreepIndex | A score for an identity's excessive permissions that is classified into three buckets: 0-33: low, 34-66: medium, 67-100: high. This property and its values are a snapshot as of when the finding was created and might not reflect the current score for the identity. Supports $filter (gt) and $orderby. |
| secretInformationWebServices | awsSecretInformationWebServices | AWS secret stores which can be accessed by the user, role, resource or serverless function.The possible values are: secretsManager, certificateAuthority, cloudHsm, certificateManager, unknownFutureValue. Supports $filter (has). |
Relationships
| Relationship | Type | Description |
|---|---|---|
| identity | authorizationSystemIdentity | Represents an identity in an authorization system onboarded to Permissions Management. Inherited from identityFinding. Autoexpanded by default. Supports $filter as follows: $filter=identity/authorizationSystem/authorizationSystemId IN ('id1', 'id2'). |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.awsSecretInformationAccessFinding",
"id": "String (identifier)",
"createdDateTime": "String (timestamp)",
"secretInformationWebServices": "String",
"permissionsCreepIndex": {
"@odata.type": "microsoft.graph.permissionsCreepIndex"
},
"lastActiveDateTime": "String (timestamp)"
}