Access Visibility
Find entities and relationships across identity, cloud, and data providers.
Last updated
Was this helpful?
Find entities and relationships across identity, cloud, and data providers.
Last updated
Was this helpful?
Veza parses authorization metadata for connected cloud providers and data sources, which you can interact with using powerful interfaces. Access Search includes the and , providing interfaces for exploring identity and data authorization relationships.
Veza offers a query builder and visual graph search to help you understand and monitor the relationships between in the Authorization Graph.
Each search mode can answer questions such as:
Graph: "What policies enable Microsoft Azure AD identities to reach sensitive Google Cloud projects?"
Query Builder: "How many Okta users can view tickets in our service desk application?"
The (AG) shows the full path of permissions for the selected entity or types of entities (such as Okta User to Snowflake Table). Graph search results include the intermediate roles, policies, groups, or other component entities that result in an identity's cumulative permissions on a resource. You can click on an individual result to view more details or traverse the graph to view other connected entities.
Graph search is ideal for checking the blast radius of a risk, inspecting all the resources an identity can access, and exploring connections between different entity types.
The provides results in a table and can be used to establish security baselines when associated with , , and . The Query Builder lets you review all source or destination entity attributes and create fine-grained searches using these properties.
For example, you could create a query to warn whenever the number of users with access to a resource changes or when users become dormant. Queries will return results based on the chosen entity or type of entity, a specified destination, and any applied filters. Columns will contain additional entity properties and permission details.
When viewing Saved Queries and Veza Insights, you can view the results in Authorization Graph or open the original query in Query Builder. To customize an assessment, open it in the Query Builder. You can modify the underlying conditions or save a copy before adding it to a report.
Veza ships with hundreds of out-of-the-box to offer a starting point for customized queries and provide immediate insight into integrated data sources. You can browse some of these from the page or create a new Report to review and add queries based on label or integration type.
See the following pages for more about Veza search interfaces and concepts: