Resources discovery

Overview

In this article we will give an overview of the Resources page and how to utilize it for entitlement discovery. The Resources page provides a list of different resources available within an application. These resources are extracted from an application during the application integration stage.

To navigate to the Resources page, select the Resources page under the Entities section.

You can view all the resources across your application integrations within your tenant.

You can use the search box and filters to explore the your organization's resources. The following filter fields are available for this page:

• Resource - This field allows you to filter data based on a resource in an application. For example, you can choose to filter arn:aws:apigateway:::/apis/* Resource of type apigateway within AWS by selecting aws/apigateway/arn:aws:apigateway:::/apis/* as a filter from the filter field.

• Resource Type - This field filters data based on the type of resources available. For example, you can view all resources that belong to a channel resource type.

• Application - This field filters based on the specific Application Integration that you would like to explore. For example, you want to view Azure (Test Environment) data, you can add it as a filter in this field.

• Insight Filtering with insights allows you to see which resources have a user with some insights on them. For example, to view the resources which have resources marked with an Outlier insight, you can add Outlier as a filter in this field.

Using multiple filter fields together will help you navigate through the data swiftly and will make your time spent on discovering entities a lot more productive! Refer to working with filters to learn more about filters.

Viewing Individual Resources

When you select a resource from the list, a detailed view opens, giving you in-depth information about the identities and entities associated with it. This view is organized into two tabs for clarity:

The "Accessible By" Tab

The Accessible By tab provides a consolidated view of all entities that have access to this specific resource. This includes individual identities that have direct access, as well as connections (like groups or roles) that grant access to multiple identities. Think of it as answering: "Who or what can reach and interact with this resource?"

This tab is essential for quickly seeing all paths to a resource, whether directly or indirectly through a connection.

Exploring Entity Details

Every data point listed on the "Accessible By" tab is clickable. Clicking on an entity will open a sidebar providing detailed metadata about that specific entity. Each entity, depending on its type and the application it comes from, has its own unique set of metadata that gives you more context about it within the application.

Understanding Permissions

The "Permissions" column within this tab is also clickable. Clicking on the data in this column will reveal metadata specifically about the relationship between two entities shown in the tab.

To understand what each of these fields (like Connection Provider, Project, and Privileges) indicates, please refer to our dedicated guide on Understanding Entities and Entity Relations.

The "Identities" Tab

The Identities tab shows a straightforward list of all individual user and service identities that are directly tied to, or have access to, this specific resource. While "Accessible By" provides a broader view of entities, "Identities" focuses purely on the individual identities themselves.

You can use the search bar or filters menu to quickly find specific identities tied to this resource, making it easy to audit who has direct reach to it.