How to query IAM permissions with multiple roles via RQL in Prisma Cloud

Created On 06/07/22 19:00 PM - Last Modified 02/14/25 19:37 PM


Objective


Prisma Cloud will soon offer a beta Graph feature, to be released by the end of July 2022.
This will allow you to better customize IAM RQL through the UI so that it focuses on specific role names.

Investigate Page > Search > Granters > Role 


Environment


  • Prisma Cloud
  • Investigate Page RQL (Resource Query Language)
  • IAM (Identity and Access Management)


Procedure


Place this RQL in the Investigate Page search bar. Customize it to the IAM roles of your choice. 
config from iam where dest.cloud.type = 'AWS' and grantedby.cloud.entity.name IN ( 'my role1','my role2')

It can also be attached to any IAM policy for which you want multiple roles displayed.

For example: Investigate Page > Search > Granters > Role
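
When the role list comes from an inventory export rather than being typed by hand, the query above can be generated. The following is an added example, not Palo Alto Networks code: the function name and sample role names are constructed, and it assumes the granters are AWS IAM roles, so each name is checked against the AWS role-name character set before it is placed inside the quoted IN list.

```python
import re

# AWS IAM role names: 1-64 characters from letters, digits and + = , . @ _ -
# Enforcing this also keeps quotes and other stray characters out of the RQL literal.
_AWS_ROLE_NAME = re.compile(r"[A-Za-z0-9+=,.@_-]{1,64}")


def build_granter_role_query(role_names):
    """Return the article's IAM RQL with the IN list filled from role_names.

    Hypothetical helper (not part of Prisma Cloud): trims whitespace, skips
    blank entries, removes duplicates while keeping order, and rejects any
    value that is not a valid AWS IAM role name.
    """
    seen = set()
    cleaned = []
    for raw in role_names:
        name = raw.strip()
        if not name:
            continue  # blank line in an exported list
        if not _AWS_ROLE_NAME.fullmatch(name):
            raise ValueError(f"not a valid AWS IAM role name: {name!r}")
        if name not in seen:
            seen.add(name)
            cleaned.append(name)
    if not cleaned:
        raise ValueError("at least one role name is required")
    # Same layout as the query shown in this article.
    in_list = ",".join(f"'{n}'" for n in cleaned)
    return ("config from iam where dest.cloud.type = 'AWS' "
            f"and grantedby.cloud.entity.name IN ( {in_list})")


# Constructed sample input: one role name per line, with a duplicate and a blank.
SAMPLE_ROLES = """OrgAdminRole
ci-deploy
ci-deploy

audit.readonly@prod
"""

if __name__ == "__main__":
    print(build_granter_role_query(SAMPLE_ROLES.splitlines()))
```

Paste the printed query into the Investigate Page search bar as described above.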



Additional Information


For more examples, see our IAM RQL library.
