Private APIs

Documentation for Veza's private APIs for advanced access assessments

Overview

This section contains documentation for APIs in the private/ namespace for advanced access assessment capabilities. These APIs currently support advanced role analysis, entitlement comparisons, and access management for Snowflake environments.

Available APIs

API
Description

Identifies grantees (such as roles) that provide specific access permissions to a given identity for a set of resources

Checks whether a role with specific resource permissions already exists

Simulates modifications to an existing role's permissions and checks if other roles with the resulting permission set already exist

Provides insights into role accessibility for users within a specified cost center

Common Use Cases

These APIs enable several identity security use cases:

  1. Role Rationalization: Identify and consolidate redundant roles to simplify access management

  2. Least Privilege Implementation: Find roles that provide necessary access with minimal excess permissions

  3. Access Governance: Maintain a minimal set of roles by identifying functionally equivalent roles

  4. Access Pattern Analysis: Discover common access patterns among users in the same organizational unit

  5. Privileged Access Management: Analyze what additional privileges different roles would provide to a user

Limitations

  • These features are currently limited to the Snowflake integration.

  • Some APIs may have performance limitations with highly connected identities or complex permission structures.
