The Account object contains details about the account that initiated or performed a specific activity within a system or application. Additionally, the Account object refers to logical Cloud and Software-as-a-Service (SaaS) based containers such as AWS Accounts, Azure Subscriptions, Oracle Cloud Compartments, Google Cloud Projects, and otherwise.
- Extends:
_entity
Attributes
Section titled “Attributes”name
- Type:
string_t - Requirement: recommended
The name of the account (e.g. GCP Project name, Linux Account name or AWS Account name).
type_id
- Type:
integer_t - Requirement: recommended
- Values:
0-Unknown: The account type is unknown.1-LDAP Account2-Windows Account3-AWS IAM User4-AWS IAM Role5-GCP Account6-Azure AD Account7-Mac OS Account8-Apple Account9-Linux Account10-AWS Account11-GCP Project12-OCI Compartment13-Azure Subscription14-Salesforce Account15-Google Workspace16-Servicenow Instance17-M365 Tenant18-Email Account99-Other: The account type is not mapped.
The normalized account type identifier.
uid
- Type:
string_t - Requirement: recommended
The unique identifier of the account (e.g. AWS Account ID, OCID, GCP Project ID, Azure Subscription ID, Google Workspace Customer ID, or M365 Tenant UID).
labels
- Type:
string_t - Requirement: optional
The list of labels associated to the account.
tags
- Type:
key_value_object - Requirement: optional
The list of tags; {key:value} pairs associated to the account.
type
- Type:
string_t - Requirement: optional
The account type, normalized to the caption of ‘account_type_id’. In the case of ‘Other’, it is defined by the event source.
Constraints
Section titled “Constraints”At least one of: name, uid