You host some of your most sensitive cloud resources on Amazon Web Services (AWS). While AWS provides infrastructure security such as storage encryption and protection from network attacks, it’s your responsibility to leverage AWS Security integrations and protect access to your virtual infrastructure in the face of increasingly sophisticated cyber threats.
OneLogin’s powerful, easy-to-use authentication and role-based user provisioning engine lets you take complete control over access to AWS, as well as your other cloud-based apps. Quickly strengthen AWS access security by enabling single sign-on (SSO) across mobile, web, and desktop, and apply layered security such as multi-factor authentication (MFA) and security policies such as password complexity and IP restriction. Use Session Tags to extend access permissions across your AWS infrastructure. This makes it easier to enforce and automate least-privileged access at scale, eliminating time-consuming and risky AWS user management workflows
As you build out your AWS environment, cloud user and account setup and access management quickly becomes cumbersome and complex. OneLogin and Amazon Control Tower provide the easiest path to build a secure, baseline environment based on best industry practices. OneLogin integrates seamlessly to ensure that your organization has the appropriate identity safeguards and automation as you scale your multi-account, multi-role environment.
OneLogin also now integrates directly with Amazon EventBridge to enable Enterprise DevOps and SecOps groups to leverage identity insights, monitor activities across their environment, alert on threats, and execute event-based workflows across their hybrid environments. AWS enterprise users can then incorporate identity information across enterprise security workflows, such as threat detection and remediation, as well as employee lifecycle management.
Take the first step to protect your AWS deployment now with secure authentication and MFA.
Simple, Secure SSO across AWS Roles and Accounts
Simplify and protect Amazon Web Services (AWS) access with a single, secure authentication path for users. OneLogin uses SAML 2.0 to sign users into AWS, eliminating user-managed passwords and the risk of phishing.
OneLogin’s strong, risk-based MFA provides an added layer of security that won’t slow down your business or burden your users. Use OneLogin Protect or a pre-integrated third-party solution like Google Authenticator, Yubico, Duo Security, RSA SecurID, and more. Add SmartFactor Authentication™️ to streamline login through machine-learning that builds user profiles to identify high-risk login attempts.
OneLogin’s AD connector provides self-service account recovery and user password policy enforcement. Information syncs in real-time without batch updates. Bi-directional attribute rules let you sync AD changes to OneLogin and vice versa. In high availability mode, multiple connectors exist per server, creating effective failover and peace of mind. Our easy installation wizard creates the connection in minutes with no server restarts or firewall changes.
Automatically create, update and delete users in your Amazon Web Services (AWS) account based on flexible mappings to AWS. Session Tags allows admins to assert a unique “tag” for different users based on directory attributes, to determine a user’s access permissions as they access AWS resources across multiple AWS accounts and actions, making it easy to implement least-privileged access at scale.
Stream OneLogin’s robust collection of user login activity information directly to AWS services via Amazon EventBridge. Leverage identity information to build stronger enterprise security workflows, for threat detection and remediation, and further automate employee lifecycle management across AWS accounts.
OneLogin can be used to protect access to any of your private or customer apps hosted on your AWS instances. Leverage OneLogin's free, open source SAML toolkits to have SSO and identity management integration ready within hours instead of months. Visit our developers website for more information.