Generic inspection tool for users and roles, and granted privileges. Visual representation with shape-based roles or policies, similar to the Entity-Relationship Diagrams of Model Xtractor. Expandable relationships that can be collapsed into pairs of shape items. For Role-Based Access Control security objects from databases or cloud accounts.
Security Xtractor Features Summary
|RBAC Inspector||extract and inspect Role-Based Access Security objects|
|Security Object Browser||visualize in a better manner granted privileges and allowed or denied permissions|
|Role Hierarchy||graphic visualization of all relationships between roles|
|Relationships between Objects||better visualization of all relationships between groups, users, roles and the attached or inline policies|
|Grants by Object Type||show permission shape items grouped by the type of object or the resource name|
|Database RBAC||gradually added for all databases with RBAC support|
|Cloud Providers||gradually added for all major cloud providers (AWS, Azure, GCP)|
|Normalized Permission Representation||avoids the JSON-based representation of access policies in AWS|
|Builtin Security Objects||supports the predefined roles and other security objects|
|Attached and Inline Policies||different representations for inline and managed AWS policies|
|Related Objects Only||imports only the roles related to current database, to avoid clutter|
Security Object Browser
One-time reverse engineer, to extract security information from database platforms like Snowflake Cloud Database or cloud accounts like Amazon Web Services. Visualize relationships and privileges in the Objects browser.
Relationships and the Role Hierarchy
Similar to the Entity-Relationship Diagrams from Model Xtractor, drag and drop groups, users, roles or policies into a diagram, to render as shapes and visualize the relationships between them.
Granted Role Privileges
Expand the shapes to visualize the granted privileges, eventually grouped by the type of object. Collapse groups and keep only what you care about, to avoid clutter.
Predefined Builtin Roles
Visualize the relationships between some predefined system objects. Show only privileges related to the current database, to avoid clutter.
Inspect AWS Permissions
Connect to your AWS (Amazon Web Services) account, to automatically import metadata on users and groups, roles and access policies. Inspect conditional allowed permissions or denied restrictions in the Objects browser.
Show Managed and Inline Policies
Visualize related inline and attached access policies to a role in a different manner.
Show Allowed and Denied Permissions
Get a visual grouped representation of all allowed or denied actions from an AWS access policy.
Data Xtractor includes all the functionality of Security Xtractor, but you can also show ERDs, type, design and run SQL queries, and push their results into regular or inline charts.
As a combination of Visual, Query, Model and Security Xtractor, in Data Xtractor you may also browse data, and add data visualization graphs.