Security Xtractor

Generic inspection tool for users and roles, and granted privileges. Visual representation with shape-based roles or policies, similar to the Entity-Relationship Diagrams of Model Xtractor. Expandable relationships that can be collapsed into pairs of shape items. For Role-Based Access Control security objects from databases or cloud accounts.

Download Free Security Xtractor

Security Xtractor Features Summary

RBAC Inspectorextract and inspect Role-Based Access Security objects
Security Object Browservisualize in a better manner granted privileges and allowed or denied permissions
Role Hierarchygraphic visualization of all relationships between roles
Relationships between Objectsbetter visualization of all relationships between groups, users, roles and the attached or inline policies
Grants by Object Typeshow permission shape items grouped by the type of object or the resource name
Database RBACgradually added for all databases with RBAC support
Cloud Providersgradually added for all major cloud providers (AWS, Azure, GCP)
Normalized Permission Representationavoids the JSON-based representation of access policies in AWS
Builtin Security Objectssupports the predefined roles and other security objects
Attached and Inline Policiesdifferent representations for inline and managed AWS policies
Related Objects Onlyimports only the roles related to current database, to avoid clutter

Security Object Browser


One-time reverse engineer, to extract security information from database platforms like Snowflake Cloud Database or cloud accounts like Amazon Web Services. Visualize relationships and privileges in the Objects browser.

Relationships and the Role Hierarchy


Similar to the Entity-Relationship Diagrams from Model Xtractor, drag and drop groups, users, roles or policies into a diagram, to render as shapes and visualize the relationships between them.

Granted Role Privileges


Expand the shapes to visualize the granted privileges, eventually grouped by the type of object. Collapse groups and keep only what you care about, to avoid clutter.

Predefined Builtin Roles

Visualize the relationships between some predefined system objects. Show only privileges related to the current database, to avoid clutter.

Inspect AWS Permissions


Connect to your AWS (Amazon Web Services) account, to automatically import metadata on users and groups, roles and access policies. Inspect conditional allowed permissions or denied restrictions in the Objects browser.

Show Managed and Inline Policies

Visualize related inline and attached access policies to a role in a different manner.

Show Allowed and Denied Permissions

Get a visual grouped representation of all allowed or denied actions from an AWS access policy.

ImportantData Xtractor includes all the functionality of Security Xtractor, but you can also show ERDs, type, design and run SQL queries, and push their results into regular or inline charts.

As a combination of Visual, Query, Model and Security Xtractor, in Data Xtractor you may also browse data, and add data visualization graphs.

Download Data Xtractor