Connections discovery

Overview

In this article we will give an overview of the Connections page and how to utilize it for entitlement discovery. The Connections page provides a list of different connections available within an application integration. These connections are extracted from an application during the application integration stage.

To navigate to the Connections page, select the Connections page from the Entities group.

You can view all the connections with respect to the application that belong to your organization from here.

You can use the search box and filters to explore your organization's connections. The following filter fields are available for this page:

• Connection - This field allows you to filter data based on a connection in an application. For example, you can choose to filter admin connection in a group connection type within Confluence by selecting confluence/group/admin as a filter from the filter field.

• Connection Type - This field filters data based on the type of connections available. For example, you can view all connections that have a group connection type.

• Application - This field filters based on the specific Application Integration that you would like to explore. For example, you want to view Azure (Test Environment) data, you can add it as a filter in this field.

• Insight - Filtering with insights allows you to see which connections have a user with some insights on them. For example, to view the connections which have connections marked with an Outlier insight, you can add Outlier as a filter in this field.

Using multiple filter fields together will help you navigate through the data swiftly and will make your time spent on discovering entities a lot more productive! Refer to working with filters to learn more about filters.

Viewing Individual Connections

When you select a connection from the main list, a detailed view opens up, providing in-depth information about the entities associated with that specific connection. This view is organized into three distinct tabs to help you understand the connection's relationships:

The "Accessible By" Tab

The Accessible By tab offers a consolidated view of all identities and other connections that are members of, or gain access through, this particular connection. Think of it as answering the question: "Who or what can use this connection?"

This tab is crucial for understanding the direct beneficiaries of the connection. For instance, if you're looking at a security group, the "Accessible By" tab would list all the users and other nested groups that are part of it.

Exploring Entity Details

Every data point listed on the "Accessible By" tab is clickable. Clicking on an entity will open a sidebar providing detailed metadata about that specific entity. Each entity, depending on its type and the application it comes from, has its own unique set of metadata that gives you more context about it within the application.

Understanding Permissions

The "Permissions" column within this tab is also clickable. Clicking on the data in this column will reveal metadata specifically about the relationship between two entities shown in the tab.

To understand what each of these fields (like Connection Provider, Project, and Privileges) indicates, please refer to our dedicated guide on Understanding Entities and Entity Relations.

The "Has Access To" Tab

The Has Access To tab reveals which other connections and resources this specific connection can access. This answers the question: "What can this connection do or reach?"

This tab provides a critical insight into the permissions and scope of the connection itself. For example, if you're examining a role, the "Has Access To" tab would show you the specific resources (like a database, an S3 bucket, or another application's API) and other connections (like other roles or groups) that this role is permitted to interact with.

Exploring Entity Details

Every data point listed on the "Has Access To" tab is clickable. Clicking on an entity will open a sidebar providing detailed metadata about that specific entity. Each entity, depending on its type and the application it comes from, has its own unique set of metadata that gives you more context about it within the application.

Understanding Permissions

The "Permissions" column within this tab is also clickable. Clicking on the data in this column will reveal metadata specifically about the relationship between two entities shown in the tab.

To understand what each of these fields (like Connection Provider, Project, and Privileges) indicates, please refer to our dedicated guide on Understanding Entities and Entity Relations.

The "Identities" Tab

The Identities tab presents a straightforward list of all individual user and service identities that are directly tied to or associated with this connection. This tab helps you understand the immediate individuals or service accounts that leverage this specific connection for their access.

While the "Accessible By" tab might show broader entity types, the "Identities" tab focuses specifically on the individual identities that ultimately benefit from this connection's permissions.