Gain a Deeper Understanding of Your Cloud Resources

Collect details on all of your cloud services - not just one.

You've Never Seen Your Environment with this Level of Detail

JupiterOne Integrates with Dozens of Services for Cloud Providers


More than 2-Dozen AWS Services

JupiterOne provides robust integrations with more than 30 AWS services – from EC2 instances to Config. The relationships with each of these services are mapped to users and other DevOps tools to create a robust picture of an organization's environment.

Explore AWS Integrations
  • What accounts are in my AWS organization?
  • Which external AWS accounts are in my environment but not part of my organization?
  • Is there anything that connects to an external AWS account that is not part of my organization?
  • Was the root account user recently used to log in or access?
  • Is MFA enabled for the Account Root User for all my AWS accounts?
  • Are there root user access keys in use for any of my AWS accounts?
  • Is MFA enabled for all IAM users that have a console password?
  • Which IAM users do not have a console password?
  • Which IAM users do not have an access key?
  • Which IAM user access keys were recently used (in the past week)?
  • Are there active IAM user access keys unused for more than 90 days?
  • Who recently updated their IAM user password (in the past week)?
  • Which IAM user has a password older than 90 days?
  • Who recently logged in to the AWS console (in the past week)?
  • Which IAM user has not logged in to the console in more than 90 days?
  • Which IAM user account recently accessed their account (in the past week)?
  • Which IAM user account has not been accessed in 90 days?
  • Which IAM role has not been used in 90 days?
  • Which IAM user access keys were recently created (in the past week)?
  • Which IAM user access keys are older than 90 days?
  • Are there inactive IAM user access keys?
  • IAM password policy should require at least one uppercase letter.
  • IAM password policy should require at least one lowercase letter.
  • IAM password policy should require at least one symbol.
  • IAM password policy should require at least one number.
  • IAM password policy should require minimum length of 14 characters.
  • IAM password policy should prevent reuse of the same password (for at least the past 10 passwords).
  • IAM password policy should enforce password expiration within 90 days.
  • Are there IAM Users with inline policy directly attached?
  • Which IAM policies allow full admin access to any and all resources?
  • Find all the IAM user access keys in production AWS accounts.
  • Find all the SSH key pairs in production AWS accounts.
  • Are there SSH keys not in use?
  • What Lambda functions are in my environment, and what triggers them?
  • How are my Lambda functions invoked?
  • List Lambda Functions by Runtime
  • Which Lambda functions are inside a VPC?
  • Is there an IAM role created to manage incidents and tickets with AWS Support?
  • Which IAM roles are assigned which IAM policies?
  • Who has been assigned full Administrator access?
  • Who has direct user access to my AWS accounts?
  • Who has direct user access to my production AWS accounts?
  • Who has access to my AWS accounts via SSO?
  • Who has access to my production AWS accounts via SSO?
  • Who has access to my AWS accounts via SSO in a multi-account environment?
  • Who can assume which role across my AWS environment?
  • Are there assume role trusts to external entities?
  • What are the service roles in my AWS accounts (i.e. an IAM Role that has a trust policy to an AWS Service)?
  • What trusts are configured to a federated identity provider?
  • Are there users with non-compliant endpoint devices that can access AWS?
  • What compute resources are configured for use by AWS Batch?
  • What are the active Batch container job definitions?
  • How many inactive Batch job definitions are there?
  • Which EC2 instances have actively running ECS container instances?
  • Show me details of currently running ECS tasks.
  • Are all EBS volumes encrypted?
  • Is default server side encryption enabled for all S3 Buckets?
  • Is public access block configured for non-public S3 Buckets?
  • Is public read access enabled for any S3 Bucket?
  • Is public write access enabled for any S3 Bucket?
  • Is public access enabled for any S3 Bucket?
  • Is S3 bucket access granted to anybody outside of the account?
  • Is there any S3 bucket that grants full control access to anybody other than the owner?
  • Which S3 buckets are used to store CloudTrail logs?
  • Which S3 buckets have inventory reports enabled? And where do they publish to?
  • Is CloudTrail logging enabled?
  • Who has access to CloudTrail logs?
  • Is the S3 bucket containing CloudTrail logs publicly accessible?
  • Is CloudTrail logging / trails integrated with CloudWatch logs?
  • Is access logging enabled on the S3 bucket containing CloudTrail logs?
  • Is encryption enabled on the S3 bucket containing CloudTrail logs?
  • Is there any leaked credential or secret in CloudFormation stack parameters or outputs?
  • Which EC2 instances or Lambda functions are configured to write logs to CloudWatch?
  • Are there any EBS volumes not in use?
  • Are there EC2 instances exposed to the Internet?
  • Which EC2 instances may have external network connections?
  • Which security group rules allow inbound traffic from a public network or host on the Internet?
  • Which security group rules allow outbound traffic to a public network or host on the Internet?
  • Which security group rules allow inbound SSH traffic from the Internet?
  • Which security group rules allow inbound RDP (remote desktop) traffic from the Internet?
  • Which security group rules allow inbound traffic from the Internet?
  • Which security group rules allow outbound traffic to the Internet?
  • Which Lambda functions are associated with CloudFront distributions (Lambda@Edge)?
  • Which S3 buckets host static content for CloudFront distribution (CDN)?
  • Which certificates are in use by CloudFront distributions?
  • What resources are used by or associated with CloudFront distributions?
  • Are there ENIs not in use?
  • Are there EIPs not in use?
  • Are all the AWS Config rules compliant?
  • Are there any noncompliant production resources in AWS per Config evaluation?
  • Show me correlation of instances impacted by Inspector findings and GuardDuty findings
  • Are there public facing instances that are allowed to access non-public S3 buckets?
  • What IAM roles and policies can external facing instances use?
  • S3 buckets referenced in IAM or bucket policies that do not exist in integrated accounts
  • AWS Cross-Account Assume Role Trusts Diagram
  • Are VPC Flow Logs enabled?
  • What is the estimated monthly cost of my RDS database backups?
  • What’s behind elastic load balancers?

All the Security Insights. Just a Query Away.

JupiterOne is built on a searchable graph. You can discover the relationships and details you need with a simple keyword search or a robust query. Easily save queries, set them as alerts, or configure them into your security framework adherence.

JupiterOne has more than 100 out-of-the-box, customizable questions for identifying answers about your critical resources on AWS. See the complete list on our AWS Integration page.

CASE STUDY

Aver uses JupiterOne to Do Robust, Reliable Threat Modeling in Minutes

Explore how queries and integrating directly with their AWS resources made the analysis easier and more insightful.

Providing Complete Visibility for Leading Cloud-Native Organizations
