Identity and access management (IAM)
Grant and manage user and entity access to the right resources while continuously monitoring and enforcing IAM policies using third-party tools.
Access to resources on AWS is largely determined based on identity. Protecting these identities requires the implementation of the right set of tools to manage the identities’ lifecycle and their associated entitlements for resource access. Your organization needs to be able to discover and review account access, enforce multi-factor authentication, and quickly provision and revoke access. Furthermore, you must also manage secrets, API keys, and credentials while ensuring that they are properly safeguarded and accessible only by authorized entities.
Learn how to set up a least privilege stack, including such key issues as where to start and what to prioritize.
Solutions
The solutions available in AWS Marketplace allow you to securely govern and control your IAM needs. This includes managing privileged access, discovering over-privileged accounts, implementing least privilege practices, and provisioning just-in-time access.

OneLogin’s Trusted Experience Platform™ is a IAM foundation to manage and secure digital identities for your workforce and customers from the cloud.
See how it works: Datasheet
Resources
Learn about the latest practices, tools, and how to implement effective IAM processes and policies with resources from AWS Marketplace.
Key benefits of using third-party solutions available in AWS Marketplace
Tap the largest provider community
Extend the benefits of AWS by using capabilities from familiar solution providers you already trust. These providers have proven success securing different stage of cloud adoption, from initial migration through ongoing day to day management.
Reduce risk without losing speed
Quickly procure and deploy solutions that find and address vulnerabilities, detect intrusions, and enable faster response to incidents while minimizing business disruptions.
Integrate easily with AWS
Count on security tools that are designed for AWS interoperability to follow security best practices.