Private early release Invite-only while we onboard design partners. Interested? Get in touch.
Troposphere
Sign in Request access
Pillar · Access

Who can touch what?

Discover every user, group, and service account across all your connected clouds. See their roles at the resource level, spot privileged access, and answer 'who can touch this?' in seconds — not days.

Read the docs
All features 01 Cost 02 Access 03 Governance
Directory

Every identity, in one place.

Troposphere discovers every principal across your connections and unifies them into a single directory — users, groups, and service accounts side by side, regardless of which IAM system they live in.

  • Users, groups, and service accounts in one view
  • Filter by connection, type, role, or status
  • Searchable across every connection
487
Total Principals
412
Active

By Type

Users
312
Groups
64
Service Accounts
89
Federated
22

Role Distribution

Reader
248
Contributor
142
Editor
78
Admin
16
Owner
12

Privileged Access

28 principals
Owner
12
Admin
16
Assignments

Map roles to the resources they touch.

Troposphere flattens every role assignment in your connections — direct, inherited, and group-derived — and joins it back to the resource inventory. Filter by role, principal, or resource and get an instant answer.

  • Direct, inherited, and group-derived assignments
  • Resource-level granularity
  • Filter by role, principal, or scope
Review

The accounts that can break things — by name.

Owners, admins, and privileged service accounts listed individually, not just tallied. See who they are, which connection they're privileged in, and where their role came from.

  • Every Owner and Admin listed by name
  • Service accounts alongside human principals
  • Connection and role source at a glance
  • Refreshed on every scan

Privileged principals

5 of 28

platform-admins

Owner · prod-platform · direct

owner

deploy-ci

Admin · data-warehouse · direct

admin

sre-oncall

Owner · web-services · group

owner

infra-automation

Admin · ml-workloads · direct

admin

finance-admins

Admin · billing · group

admin
Who it's for

Built for the teams who answer the access question.

Security & GRC

Continuous evidence instead of screenshots from quarterly reviews. A privileged inventory that stays current.

Platform & SRE

One directory to answer 'who can touch this?' in seconds. See the blast radius of any privileged role at a glance.

IT & Identity

Offboard with confidence — see every assignment a principal has, across every connection, on one screen.

See access on your own cloud.

Connect a read-only credential and you're live in under five minutes.

Talk to us