External Accounts

Shows external AWS accounts accessing your resources.

The External Accounts page shows all AWS accounts that have accessed your cloud resources, distinguishing between your own linked accounts and external or unknown accounts. Use this page to identify and review unexpected cross-account access.

Summary Cards

Card

What It Shows

Publicly Exposed Resources

Count of resources accessible by anyone on the internet (links to Public Resources)

New External Accounts

Count of external accounts that have not yet been reviewed

Trusted Vendors

Count of accounts that have been approved/whitelisted

Status Tabs

Accounts are organized into three tabs:

Tab

Meaning

Needs Review

External accounts that have accessed your resources but have not been assessed

Approved

Accounts confirmed as trusted vendors or expected cross-account access

In Violation

Accounts flagged as unauthorized or suspicious

Reviewing External Accounts

Approving an Account

If an external account is a known trusted vendor or partner:

Select the account(s) using the checkboxes.
Click Approve Selected.

Flagging a Violation

If an account should not have access:

Select the account(s) using the checkboxes.
Click Flag as Violation.

Changing a Previously Set Status

From the Approved tab: use Move to Needs Review or Flag as Violation
From the In Violation tab: use Move to Needs Review or Approve Selected

All action buttons are disabled until at least one account is selected.

Public Resources: Review publicly accessible resources
Forensic Analysis: Search CloudTrail logs to see what specific actions an account performed

PreviousClassification Details NextForensic Analysis

Last updated 1 month ago

hashtagSummary Cards

hashtagStatus Tabs

hashtagReviewing External Accounts

hashtagApproving an Account

hashtagFlagging a Violation

hashtagChanging a Previously Set Status

hashtagRelated Pages