Permission Explorer
Principals, scopes, role bindings, conditions, expiries, and high-risk grants
Total Principals
6
Federated
3
High-Risk Bindings
2
Expiring Soon
2
Identity Principals
| Principal ID | Type | Issuer | Federated | Risk Score | Bindings |
|---|---|---|---|---|---|
| principal-a1b2 | Human | Okta | ✓ | 12 | 3 |
| principal-c3d4 | Service Account | GCP IAM | — | 5 | 2 |
| principal-e5f6 | Workload | AWS STS | ✓ | 8 | 4 |
| principal-g7h8 | Managed Identity | Azure AD | ✓ | 3 | 1 |
| orchestration-agent-sa | Service Account | K8s | — | 15 | 5 |
| deployment-agent-sa | Service Account | K8s | — | 42 | 3 |
High-Risk Role Bindings
| Principal | Role | Scope | Expiry | Condition | Risk |
|---|---|---|---|---|---|
| deployment-agent-sa | deploy.canary | eigenbird-exec-* | 2h remaining | workflow.approved | high |
| orchestration-agent-sa | workflow.dispatch | eigenbird-agents | Permanent | None | medium |
| principal-e5f6 | sts:AssumeRole | arn:aws:iam::*:role/service-broker | 45m remaining | sts:ExternalId | high |