💡 Still using the classic Drata experience? Refer to Manage Connected Infrastructure Accounts for the original UI.
What’s changed
Managing infrastructure accounts is now handled through a dedicated page in the New Experience.
Instead of accessing account management from an individual connection card, you can now review and manage infrastructure accounts from the Connections page → Infrastructure page.
Overview
Managing connected infrastructure accounts helps ensure Drata accurately tracks who has access to your systems and maintains a clear audit trail for access changes.
Prerequisites
Before managing infrastructure accounts in Drata:
An infrastructure provider (such as AWS, GCP, or Azure) must be connected
An identity provider must be connected to sync personnel into Drata
Drata uses read-only access to collect this information and does not make changes in your infrastructure provider.
How infrastructure accounts appear in Drata
The Infrastructure page shows accounts discovered through your connected infrastructure providers.
This page helps you:
View which infrastructure accounts Drata is monitoring
Understand who or what each account represents
Link accounts to personnel
Identify service or system accounts
Maintain an audit trail for access changes
The page also displays infrastructure account information such as:
The current access state reported by the provider
Indicators such as MFA status, when available
Link infrastructure accounts to personnel
When infrastructure accounts are first synced, they may not be automatically linked to personnel. Linking accounts helps Drata accurately track who has access to your infrastructure and maintain a clear audit trail.
For a complete explanation of how account linking works across Drata, including how service accounts are handled, refer to Linking accounts to personnel in Drata.
Access changes and audit trail
Note: When you remove a user from your connected infrastructure system, it can take up to 24 hours for the update to appear in Drata. This delay is due to the connection API.
Deleting an account in your infrastructure provider will not remove it from Drata. Instead, Drata records a timestamp indicating when access was revoked, creating an audit trail used to track access control SLAs. The timestamp is indicated under the Access revoked column.
This ensures you can demonstrate when access was removed, which is often required during audits.
MFA status and database and admin access indicators
For infrastructure accounts, Drata may display indicators such as database access or administrative access.
Drata does not allow you to enable or disable DB or admin access from this page. To change these permissions, update the account directly in your infrastructure provider. Drata will reflect the change after the next sync.
For some infrastructure accounts, Drata detects access indicators such as MFA status. Important details are indicated under the MFA column.
MFA status is read-only and reported by the provider
MFA configuration must be managed in the provider, not in Drata
These indicators are used to evaluate relevant compliance tests
If an MFA-related test fails, refer to Test 86: MFA on Identity Provider for remediation guidance.
Important considerations
Changes made in the infrastructure provider may take time to appear in Drata
Some fields are informational and do not directly affect monitoring
Learn more
Infrastructure connections overview
Understanding exclusions in Drata
Test 86: MFA on Identity Provider

