Group
Group represents a logical collection of user identities that are managed together to simplify access control and identity administration.
In UAI, a group is treated as an identity asset and includes metadata such as ownership, group type, visibility, member count, source system, and activity information. Tracking groups as assets helps identify high-privilege or sensitive groups, understand who controls them, monitor their usage, and assess the security risk they introduce to applications, resources, and environments.
For each group, the following information is displayed:
| Column | Description |
|---|---|
| Group Name & ID | Displays the name of the group along with its unique identifier. |
| Criticality | Displays the business importance of the group. |
| TruRisk™ Score | Displays the calculated TruRisk™ score for the group. |
| Asset Type | Displays the classification of the group as an identity asset. |
| Owner | Displays the user or users responsible for managing the group. |
| Group Type | Displays the functional category of the group. |
| Visibility | Displays whether the group is publicly visible or restricted. |
| Member Count | Displays the number of users currently assigned to the group. |
| Last Login | Displays the most recent login activity associated with the group. |
| Sources | Displays the source of the group, along with its first and last seen timestamp. |
| Tags | Displays tags associated with the group to support classification, filtering, and automation. |
View Group Identity Details
The Group Identity Details page provides details of the group identity discovered in your environment. This page displays essential identification information, including the group name, unique identifiers, group type, ownership, and visibility.
Expand the Inventory, Security, and Sources sections from the left pane and see various tabs under each section. To know more about the details you can see from these tabs, refer to the following topics:
Inventory Section
The Inventory section provides detailed information about the selected group.
The following tabs are available under the Inventory section:
The Group Identity Summary page displays the group’s critical attributes, ownership, visibility, activity timeline, and contextual metadata.
The summary displays high-level information about the group, including:
| Field | Description |
|---|---|
| Group Name | The primary name of the group. |
| Criticality Score | The Asset Criticality Score (ACS) assigned to the group. |
| TruRisk™ Score | The calculated TruRisk™ score of the group. |
| Asset Class and Subclass | The asset classification includes the asset class and its corresponding subclass. |
Identification
The Identification section displays key attributes used to uniquely identify the group.
| Field | Description |
|---|---|
| Group ID | The unique identifier of the group. |
| Group Name | The name of the group. |
| Display Group Name | The display name of the group. |
| Group Type | The functional or business classification of the group. |
| Group Owners | Users responsible for managing the group. |
| Group Visibility | Displays whether the group is private or publicly visible. |
| Asset ID | The unique identifier assigned to the group. |
Location
The Location section displays the geographical location associated with the group based on discovery data.
This section includes:
- A map view indicating the last known location
- City, region, and country information
- Last Seen timestamp
Activity
The Activity section provides the following information for the group:
| Field | Description |
|---|---|
| First Discovered On | The date and time when the group was first discovered. |
| Created On | The date and time when the group record was created in the inventory. |
| Last Updated On | The most recent date and time when group attributes were modified. |
Tags
The Tags section displays all tags associated with the group.
You can:
- View existing tags applied to the group.
- Add new tags using Add Tags.
Cloud Metadata
The Cloud Metadata section displays cloud-related information associated with the group.
| Field | Description |
|---|---|
| Provider | The cloud service provider associated with the group. |
| Account ID | The cloud account identifier where the group exists. |
| Account Name | The account name of the associated cloud provider. |
| Region | The cloud region associated with the group. |
The Group Identity Details page provides all metadata associated with a selected Group.
General Information
The General section displays the general details of the group.
| Field | Description |
|---|---|
| Group ID | Unique identifier of the group. |
| Group Name | The name of the group. |
| Display Group Name | The display name of the group. |
| Description | Functional description of the group. |
| Group Type | Classification of the group based on its function. |
| Group Owners | Users responsible for managing and maintaining the group. |
| Group Visibility | Displays whether the group is Private or Public. |
| External Asset ID | External identifier associated with the group. |
| First Discovered On | Date and time when the group was first detected. |
| Created On | Date and time when the group record was created in the inventory. |
| Last Updated On | Date and time when the group details were last modified. |
Cloud Information
This section displays cloud-related context when the group is associated with a cloud provider or tenant.
| Field | Description |
|---|---|
| Provider | Cloud service provider associated with the group. |
| Account ID | Cloud account identifier where the group exists. |
| Account Name | Account name of the cloud provider. |
| Region | Cloud region associated with the group. |
| Region Canonical Name | Standardized region name. |
| Availability Zone | Availability zone linked to the group. |
| Tenant ID | Tenant identifier associated with the group. |
| Tenant Name | Tenant name associated with the group. |
Additional Attributes
This section lists custom key–value attributes discovered or assigned to the group.
| Attribute | Description |
|---|---|
| env | Indicates the environment context of the group (for example, Testing, Production). |
| team | Identifies the responsible team for the group. |
The Tags tab enables you to view and add tags associated with the group.
Internal Tags
Internal Tags are system-generated or user-defined tags. You can add a new tag by clicking Add Tags.
External Tags
External Tags are tags inherited from external sources such as cloud providers, container platforms, or integrated third-party systems.
Business InformationBusiness Information
The Business Information tab provides organizational context for the user identity.
Basic Information
The Basic Information section displays key business attributes associated with the group.
| Field | Description |
|---|---|
| Operational Status | The operational state of the group, such as Active or Inactive. |
| Department | The business unit associated with the group. |
| Environment | The environment in which the group operates, such as Engineering, Production, or Testing. |
| Owner / Custodian | Designated individual responsible for business ownership and accountability of the group. |
| Managed By | The person responsible for managing and maintaining the group. |
| Supported By | The team providing operational or technical support for the group. |
| Support Group | Defines the primary support group responsible for handling issues or requests related to the group. |
| Assigned Location | The geographical location associated with the group. |
The Permissions tab displays the access rights assigned to the user identity across different resources.
| Field | Description |
|---|---|
| Name & ID | The name of the permission along with its unique identifier. |
| Actions | The type of operation the user is allowed to perform, such as Read, Create, Update, or Delete. |
| Resource | The specific resource on which the permission is granted. |
| Resource Type | The category of the resource. |
Security Section
The Security section provides risk and security-related insights for the group. This section helps you assess the security posture of the group and prioritize remediation efforts based on risk indicators.
The following tab is available under the Security section:
The TruRisk™ Score provides a risk-based assessment of the group by aggregating multiple contributing factors. This score helps you understand the potential security impact of the group within your environment.
Sources Section
The Sources section provides visibility into how and from where the group was discovered.
The following tab is available under the Sources section:
The Summary tab provides a consolidated view of all external and internal sources that discovered the group.
External Sources
The External Sources section displays details of third-party platforms or integrations that discovered the user identity.
For each external source, the following information is displayed:
| Field | Description |
|---|---|
| Source Name | Name of the external source that detected the group. |
| First Found | Date and time when the group was first discovered by the external source. |
| Last Seen | Most recent date and time when the group was observed by the external source. |
| Source Native Key | Unique identifier assigned to the group by the external source. |
Sources
The Sources section lists all discovery sources associated with the group.
Add or Remove Tags
You can manage tags of the group from the Quick Actions or Actions menu. For more information on managing tags, refer to Manage Asset Tags.
Download Group Identity List
You can download the list of groups in a report from the Identity > Group tab in the following formats:
- Comma-Separated Value (CSV)
- Hypertext Markup Language (HTML)
- Extensible Markup Language (XML)
- Portable Document Format (PDF)
If you want to download the report in PDF format, you can select a maximum of 5 columns. If you select the Tags column, the report for up to 5,000 assets is downloaded.
To download, follow these steps:
- Click
on the Identity > Group tab. - Select the download format and the columns you want in the report.
-
Select the timezone.
-
Click Download.