AWS Partner Network (APN) Blog
SailPoint Harbor Pilot: Simplified Identity Security with Agentic AI on AWS
By: Evan Anandappa, Product Manager – SailPoint
By: Harris Podell, Product Marketing Manager – SailPoint
By: Imaan Tariq, Customer Solutions Manager – AWS
By: Alvaro Sanchez Martin, Senior Solutions Architect – AWS
Security teams manage an expanding universe of users, applications, and cloud environments under increasing regulatory pressure. Amid this complexity, SailPoint introduces Harbor Pilot, an innovative AI-driven solution powered by Amazon Bedrock. Harbor Pilot is a transformative force multiplier in identity security, enabling security teams to automate intelligently, accelerate operations, and maintain compliance with less effort. With Harbor Pilot, organizations can create increased levels of efficiency and control while reducing workload.
Innovating at the Speed of AI
SailPoint has consistently led identity security for customers with cutting-edge innovations. AWS generative artificial intelligence (AI) capabilities allow SailPoint to push technology boundaries with Harbor Pilot. Harbor Pilot now gives identity admins AI help, building on past successes in AI-driven entitlement management.
What Sets Harbor Pilot Apart?
Harbor Pilot utilizes notable agentic capabilities designed to supercharge identity governance. In this demo, we showcase Harbor Pilot in action as a user explores key identity management tasks. Watch how they seamlessly check aggregation numbers, assign roles, and create a workflow to handle department changes—all through a simplified, Agentic AI-powered experience on AWS.
Documentation agent: Forget sifting through piles of documents. Harbor Pilot fetches relevant documentation, recommends best practices, and instantly answers complex policy questions.
Figure 1: User asks Harbor Pilot for details within documentation
Workflow agent: Simply describe your requirements, and Harbor Pilot guides administrators through natural language prompts, building workflows in real-time with no coding required.
Figure 2: User asks Harbor Pilot to create a custom workflow
Harbor Pilot is a part of SailPoint Identity Security Cloud, SailPoint’s AI-driven solution designed to manage and govern identities, access, and entitlements with precision. Harbor Pilot’s fleet of AI agents delivers real-time intelligence, context, and expertise directly within the decision-making flow, empowering users with the information they need, exactly when and where they need it.
Built Together, Stronger: SailPoint and AWS Collaboration
Harbor Pilot is not a standalone solution and represents a milestone in the enduring collaboration between SailPoint and AWS. After using AWS AI services for its descriptions for entitlements feature, SailPoint also used AWS to develop Harbor Pilot. Amazon Bedrock is at the core of Harbor Pilot, which was developed through close collaboration between AWS solution architects, Amazon Bedrock specialists, and SailPoint product teams. AWS’s approach of “working backwards,” from architectural design to regional readiness, was instrumental in bringing Harbor Pilot to life quickly and effectively.
Under the Hood
Harbor Pilot leverages an AWS architecture as highlighted in Figure 3 to deliver AI-powered identity governance for enterprises. The core of the solution is built within an Amazon Virtual Private Cloud (VPC), where web clients and external agents connect through Amazon API Gateway, providing a secure entry point to the Harbor Pilot service. The SailPoint Gateway facilitates proper request routing and authentication as requests enter the system.
Figure 3: AWS Architecture supporting Harbor Pilot
At its core, Amazon Elastic Kubernetes Service (EKS) manages the containerized workloads that power Harbor Pilot’s agentic functionality. Amazon Bedrock provides the foundation for Harbor Pilot’s AI capabilities, with an Orchestration Agent that handles the coordination of the various AI agents within the system.
The architecture incorporates event processing through its event bus architecture, while Amazon OpenSearch Service enables rapid identity queries and data retrieval. Amazon CloudWatch and OpenTelemetry provide comprehensive observability and performance tracking across the entire system. For data management, the solution uses Amazon RDS PostgreSQL as the primary relational database and Amazon DynamoDB for high-speed NoSQL operations.
Integration with existing enterprise systems is handled through the Model Context Protocol (MCP), while Knowledge Base integration makes sure AI agents have access to current documentation and policies. The entire architecture is designed with security at its core, using AWS’s native security features and compliance capabilities to maintain enterprise-grade identity management while leveraging the power of advanced AI technology.
This architecture enables Harbor Pilot to deliver intelligent, scalable identity management that meets rigorous enterprise security standards while maintaining high performance and reliability.
Real Adoption, Real Results
Since its March 2025 launch, Harbor Pilot has achieved adoption and impact. Customer onboarding reached 50% within 30 days of release. Organizations report workflow creation time reduced from hours to minutes, with immediate resolution of identity queries replacing traditional multi-week support cycles. Teams show enhanced compliance control implementation with reduced administrative workload.
Admins now build complex workflows in a mere fraction of the time it took previously. As one customer noted, “Truly impressive in terms of the Workflow builds. It was able to build a complex workflow accurately in minutes that would have taken hours to build manually.”
Enterprise customers report transformative results. One identity administrator noted the improvement in workflow creation, completing complex configurations with unprecedented speed and efficiency. Another highlighted the shift from two-week support ticket resolution to instant answers through Harbor Pilot’s documentation capabilities.
Overall, Harbor Pilot is viewed as a powerful advancement in identity automation, streamlining repetitive tasks and accelerating complex processes that once demanded senior developer involvement.
Charting the Future Together
SailPoint is committed to continuous improvement and innovation and is looking into expanding Harbor Pilot with:
- Access requests: Enables users to request access to resources using natural language, while allowing administrators to extend its capabilities beyond the confines of the native SailPoint Identity Security Cloud UI.
- Custom analytics: Gain deeper insights and context about your identity landscape through tailor-made reporting and analytical insights.
- Session history: Save and revisit your interactions within Harbor Pilot so that future queries are informed by previous ones.
What’s more? SailPoint plans to integrate Harbor Pilot deeper throughout SailPoint Identity Security Cloud, where it will make intelligent, proactive, and context-aware identity security assistance and insights available at every interaction, whether inside the SailPoint Identity Security Cloud UI or in an organization’s own environment.
Harbor Pilot combines SailPoint’s expertise with AWS’s AI capabilities to deliver tangible results, reducing workflow creation from hours to minutes and providing instant resolution for identity queries. With planned features for access requests, analytics, and session history, Harbor Pilot continues to evolve. Ready to modernize your identity security? Visit the SailPoint Harbor Pilot webpage to learn more!
SailPoint Technologies – AWS Partner Spotlight
SailPoint Technologies is an AWS Advanced Technology Partner and AWS Competency Partner that provides identity security solutions that enable organizations to manage and govern identities, access, and entitlements with precision while automating security operations and maintaining compliance across their digital ecosystem.