AWS IAM
Cloud IAM
IAM roles, policies, trust relationships, AssumeRole chains, Identity Center, federated principals.
Integrations
Every system Identrail watches today.
Each connector is read-only by default. New integrations land in the open-source repo first, then in the hosted product. Need a stack we don't list yet? Open an issue or talk to us — we prioritise based on real demand.
Kubernetes
Container & orchestration
Service accounts, role/clusterrole bindings, pod-to-SA mapping, workload identity federation (EKS/GKE).
GitHub Actions
CI/CD & SCM
GitHub Actions OIDC stitching, environment trust policies, repo-level permission graphs.
OpenID Connect
Identity provider
Generic OIDC issuer ingestion. JWT claim resolution into target trust policies.
Terraform
Infrastructure-as-code
Plan-time analysis: identifies trust-policy diffs against the live graph before apply.
Docker
Container & orchestration
Image registry credentials, build-time identity resolution, Docker Hub OIDC.
PostgreSQL
Data store
Resource-side reachability: catalogs tables/schemas reachable through resolved identity paths.
Prometheus
Observability
Emits scan timing, finding counts, severity distribution, and connector health metrics.
Google Cloud IAM
Cloud IAM
Service accounts, workload identity federation, organisation policy resolution. Tracking issue in repo.
Azure AD / Entra
Cloud IAM
Managed identities, federated credentials, role assignments, conditional access for service principals.
HashiCorp Vault
Identity provider
AWS auth backend mapping, Kubernetes auth backend mapping, dynamic credential issuance into the graph.
Tell us what to build next.
Connector priority is set publicly in the repo. Upvote what you need or open a new issue with your use case.