Best User Provisioning and Governance Software for Amazon Web Services (AWS)
View:
Compare the Top User Provisioning and Governance Software that integrates with Amazon Web Services (AWS) as of December 2025
Sort By:
This a list of User Provisioning and Governance software that integrates with Amazon Web Services (AWS). Use the filters on the left to add additional filters for products that have integrations with Amazon Web Services (AWS). View the products that work with Amazon Web Services (AWS) in the table below.
What is User Provisioning and Governance Software for Amazon Web Services (AWS)?
User provisioning and governance software helps organizations manage the creation, modification, and removal of user accounts and access rights across systems and applications. It automates onboarding and offboarding processes, ensuring that users have the correct permissions based on their roles while maintaining compliance with security policies. The platform provides centralized visibility into user activities, access histories, and policy enforcement to prevent unauthorized access and reduce risk. Integration with identity directories and HR systems ensures consistent and efficient identity lifecycle management. Ultimately, user provisioning and governance software enhances security, compliance, and operational efficiency within modern IT environments. Compare and read user reviews of the best User Provisioning and Governance software for Amazon Web Services (AWS) currently available using the table below. This list is updated regularly.
-
1
Auth0
Okta
Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity Company™. Auth0 lets you quickly integrate authentication and authorization for web, mobile, and legacy applications, with new Fine Grained Authorization (FGA) that goes beyond role-based access control. Authenticate users across all applications with a customized, secure, and standards-based single login. Universal Login connects users to a central authorization server. Credentials aren’t transferred across sources, which boosts security and protects against phishing and credential stuffing attacks. OAuth 2.0 recommends that only external user agents (like the browser) be used by native applications for authentication flows. Auth0’s Universal Login achieves this while enabling SSO.Starting Price: Free plan -
2
Pliant
Pliant.io
Pliant’s solution for IT Process Automation simplifies, streamlines, and secures how teams build and deploy automation. Reduce human error, ensure compliance, and elevate your efficiency, with Pliant. Ingest existing automation and write new automation with single-pane orchestration. Ensure compliance using consistent, practical built-in governance. Pliant has abstracted thousands of vendor APIs to create intelligent action blocks allowing users to drag-and-drop blocks, rather than writing and rewriting lines of code. From a single platform, citizen developers are able to build consistent and meaningful automation across platforms, services, and applications in minutes — maximizing value across the entire technology stack in one place. With our ability to add new APIs in 15 business days, anything that is not already out of the box will be in an industry leading timeframe. -
3
The OptimalCloud
Optimal IdM
The OptimalCloud platform is a full featured, award winning, SSO Federation & IAM solution that provides a single point of authentication, policy management and auditing for a seamless end user experience. The OptimalCloud is deployed in workforce and consumer scenarios, used by some of the most recognizable companies on the globe, and used in some of the most secure environments in the world. Each feature-rich pricing tier comes with multi-factor authentication (MFA), because proper security shouldn't cost extra. The OptimalCloud is integrated with more than eleven thousand applications, simplifying set up and configuration and also has 24 x 7 x 365 support with a guaranteed uptime of 99.99%.Starting Price: $2/user/month -
4
Ping Identity
Ping Identity
Ping Identity builds identity security for the global enterprise with an intelligent identity platform that offers comprehensive capabilities including single sign-on (SSO), multi-factor authentication (MFA), directory, and more. Ping helps enterprises balance security and user experience for workforce, customer, and partner identity types with a variety of cloud deployment options including identity-as-a-service (IDaaS), containerized software, and more. Ping has solutions for both IT and developer teams. Enable digital collaboration with simple integrations to these popular tools. Support your employees wherever they are with integrations to these popular tools. Deploy quickly with interoperability across the entire identity ecosystem. Whether you just want single sign-on (SSO) or a risk-based, adaptive authentication authority, starting off with a PingOne solution package lets you only pay for what you need, and gives you room to grow.Starting Price: $5 per user per month -
5
LogMeOnce
LogMeOnce
A formidable cyber security defense should be mindful to thwart internal and external threats. External and internal threats have one common denominator. The end user’s adherence to security, policy, and best practices. External elements exploit an unsuspecting internal user’s adherence to sound security policies to find their way in. Granted, external threats can be addressed with various mechanisms such as firewalls, but, inherently it has its roots and seeds in weak internal shortcomings. However, you can easily curb internal threats by simply establishing “automatic & enforceable” security policies, advising end-users to adhere to secure access protocols with trusted credentials. Thankfully, LogMeOnce Patented Technology offers plenty of ways to protect your team members, credentials, and agency with advanced automated authentication. LogmeOnce dashboard creates powerful and unified access to a user’s entire disparate/numerous set of applications.Starting Price: $3 per user per month -
6
AWS Directory Service
Amazon
AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft Active Directory (AD), enables your directory-aware workloads and AWS resources to use managed Active Directory (AD) in AWS. AWS Managed Microsoft AD is built on actual Microsoft AD and does not require you to synchronize or replicate data from your existing Active Directory to the cloud. You can use the standard AD administration tools and take advantage of the built-in AD features, such as Group Policy and single sign-on. With AWS Managed Microsoft AD, you can easily join Amazon EC2 and Amazon RDS for SQL Server instances to your domain, and use AWS End User Computing (EUC) services, such as Amazon WorkSpaces, with AD users and groups. AWS Managed Microsoft AD makes it easy to migrate AD-dependent applications and Windows workloads to AWS. With AWS Managed Microsoft AD, you can use Group Policies to manage EC2 instances and run AD-dependent applications in the AWS Cloud.Starting Price: $0.018 -
7
Peig
Peig
Peig is a passwordless access service that automates identity access management workflows for mid-size organizations. Businesses centrally manage employee and partner access to their cloud or self-hosted collaboration tools with little administration friction. Admins or managers use Peig to manage who in their organization has access to what data without having to deal with password management, VPNs or other forms of heavy-duty access security. Peig supports integration with various third-party applications such as Salesforce, AWS, Office 365, Slack and more. The access services are offered on a monthly subscription basis.Starting Price: $5 per user per month -
8
Abbey
Abbey Labs
Abbey streamlines data access and frees engineers to focus on core responsibilities, without compromising security and compliance. Build and enforce rules for compliance without causing friction for engineering teams. Use our intuitive web app to discover, request, and manage access to resources. Log and audit access changes to meet compliance needs, within the Abbey app or a Git-based version control system. Build a more secure and compliant infrastructure for your organization while empowering your engineering team. With Abbey, you can improve your security and compliance programs by automatically controlling and right-sizing permissions so the risks around unauthorized access is limited in the event of a breach. Abbey acts as a companion to your existing infrastructure by automating access management for you. Your employees request access, Abbey collaborates with your infrastructure to provision access, they use the resources, and access is revoked when they're done.Starting Price: $20 per user per month -
9
Indent
Indent
Good security is necessary, but it doesn't need to be slow or painful, faster access unlocks more revenue. Give on-demand access that’s faster and easier, without frustrating your team. Users request access to apps, managers approve or deny them from Slack, and it's all auditable. End the process of manually cat herding approvals. Every time access is granted, it's a potential security risk. Indent helps teams scale security and least privilege by shifting users to temporary access without slowing down. Automate spreadsheet-based workflows needed for SOC 2, SOX, ISO, and HITRUST with controls and policies baked directly into access request workflows. Only provide access when it's needed instead of issuing permanent access, reducing your license footprint. Indent delivers cost savings without adding friction for end users. When you’re leading a fast-growing company toward success, your team needs to take big risks to deliver big returns.Starting Price: $8 per month -
10
Amazon Verified Permissions
Amazon
Amazon Verified Permissions is a fully managed authorization service that uses the provably correct Cedar policy language, so you can build more secure applications. With Verified Permissions, developers can build applications faster by externalizing authorization and centralizing policy management. They can also align authorization within the application with Zero Trust principles. Security and audit teams can better analyze and audit who has access to what within applications. Accelerate application development by decoupling authorization from business logic. Protect application resources and manage user access to the principle of least privilege. Amazon Verified Permissions is a fully managed, Cedar-compatible permissions management and fine-grained authorization service for the applications that you build. Using Cedar, an expressive, performant, and analyzable open source policy language, developers and admins can define policy-based access controls.Starting Price: $0.00015 per request -
11
CyberArk Workforce Identity
CyberArk
Empower your workforce with simple and secure access to business resources with CyberArk Workforce Identity. Your users need quick access to a variety of business resources. You need confidence it’s them knocking – not an attacker. With CyberArk Workforce Identity, you can empower your workforce while keeping threats out. Clear the path for your team to propel your business to new heights. Validate identities with strong AI-powered, risk aware and password-free authentication. Streamline management of application access requests, creation of app accounts, and termination of access. Keep workers working, not logging in and out. Make intelligent access decisions based on AI-powered analytics. Enable access across any device, anywhere at just the right time. -
12
IBM Verify
IBM
Infuse cloud IAM with deep context for risk-based authentication to enable frictionless, secure access for your consumers and workforce. As organizations modernize hybrid multi cloud environments using a zero-trust strategy, identity and access management can no longer remain siloed. In a cloud environment, you need to develop cloud IAM strategies that use deep context to automate risk protection and continuously authenticate any user to any resource. Your journey should match your business requirements. Maintain existing investments and protect on-premises applications as you design and customize the right cloud IAM architecture to either replace or complement your infrastructure. Your users want one-click access from any device to any application. Onboard new federated applications to single sign-on (SSO), embed modern multi-factor authentication (MFA) methods, simplify logistics and give developers consumable APIs. -
13
Visual Identity Suite
Core Security (Fortra)
As part of the Core Security Identity Governance and Administration portfolio of solutions, previously offered by Courion, Visual Identity Suite (VIS) empowers organizations to see user privileges and access certifications in a whole new way, leveraging an intelligent, visual-first approach. By providing an easy-to-use graphical interface, you can see common user entitlements and quickly identify outliers to make informed decisions about who has access to what. VIS enables you to visualize what access looks like in your business, so you can intelligently mitigate identity risk and manage identity chaos within your organization. Mitigating identity risk in your organization requires intelligent and visible identity governance across all of your environments. This means leveraging a visual-first approach for the creation and management of roles and access reviews, combined with intelligence-enabled context, to simplify your identity governance and administration processes. -
14
Delinea Cloud Access Controller
Delinea
Gain granular control over web applications and web-based cloud management platforms. Delinea's Cloud Access Controller provides a comprehensive PAM solution that operates at cloud speed and is quick to deploy and secure access to any web application. With Cloud Access Controller, you can easily integrate your existing authentication solutions with any web application without having to write any additional code. Apply granular RBAC policies that enforce least privilege and zero trust initiatives, even to custom and legacy web applications. Specify what an individual employee is allowed to read or modify within any web application. Grant, manage and revoke access to cloud applications. Specify who gets access to what, at a granular level. Track usage of each and every cloud application. Clientless session recording without agents. Secure access to all web applications, including social media, custom, and legacy web applications. -
15
Authomize
Authomize
Authomize continuously detects all effective relationships between both human and machine identities to company assets throughout all your organization’s environments (IaaS, PaaS, SaaS, Data, On-prem), down to the most granular company asset and normalized consistently across apps. Authomize offers a continuously updated inventory of your identities, assets and access policies, blocking unintended access with guardrails and alerting on anomalies and various risks. Authomize’s AI-driven engine harnesses its comprehensive and granular visibility over all of an organization’s environments to construct an optimal set of access policies for any identity-asset relationship. This SmartGroup technology performs continuous access modeling, self-correcting as it incorporates new inputs such as actual usage, activities and decisions you take to create an optimal and accurate permission structure. -
16
Deepnet DualShield
Deepnet Security
If you are looking for an enterprise grade 2-factor authentication (2FA) or multi-factor authentication (MFA) product that can secure all commonly used business applications and also provides a wide range of authentication methods, then you are in the right place. Deepnet DualShield is a multi-factor authentication system that unifies a variety of authentication methods, protocols, solutions and user experience in a single platform. In addition to the MFA functions, DualShield also provides self-service Password Reset, Single Sign-On (SSO), Identity & Access Management (IAM) and Adaptive Authentication. It is one of the most powerful and flexible multi-factor authentication system in the world. Deepnet DualShield can be installed on premises or hosted in a private cloud, which means that you will have the total control of your own user authentication system, and that you will be able to keep your users’ identities and credentials in a safe place. -
17
Zluri
Zluri
Zluri is a cloud-native SaaSOps platform enabling modern enterprises with SaaS Management, Access Management, and Access Review capabilities. Zluri empowers IT and Security teams to gain visibility into their SaaS landscape, unlock recurring savings, & securely manage access with provisioning and de-provisioning of users. Zluri’s technology is powered by an Authknox engine, and assisted by an Automation engine, enabling companies to navigate & control complex SaaS ecosystems easily. Trusted by over 250 global customers, Zluri is committed to delivering innovative, reliable, and scalable solutions that empower organizations to optimize their SaaS usage, ensure compliance, and enhance Access Management practices. -
18
Zilla Security
Zilla Security
Zilla gives security teams the visibility and automation required to ensure that your cloud applications are secure and compliant. With Zilla, you can be sure that all your application security settings are correct, permissions are appropriate and onboarded API-based integrations are not leaking critical data. A growing cloud footprint creates an ever-expanding web of data interactions. Automated access reviews are now critical to ensuring that users and API based integrations have the right access. Labor intensive spreadsheets or complex identity governance products with expensive professional services engagements are no longer the only way to achieve access compliance. Automated collectors make it a snap to bring in permission data from all your cloud services and on-premises systems as required. -
19
SecurEnds
SecurEnds
SecurEnds cloud software enables the world’s most forward-thinking companies to automate: User Access Reviews, Access Certifications, Entitlement Audits, Access Requests, and Identity Analytics. Load employee data from a Human Resources Management System (e.g., ADP, Workday, Ultipro, Paycom) using built-in SecurEnds connectors or files. Use built-in connectors and flex connectors to pull identities across enterprise applications (e.g., Active Directory, Salesforce, Oracle), databases (e.g., SQL Server, MySQL, PostreSQL), and cloud applications (e.g., AWS, Azure, Jira). Perform user access reviews by role or attribute as frequently as needed. Application owners can use delta campaigns to track any changes since the last campaign. Send remediation tickets directly to application owners to perform access updates. Auditors can also be granted access to review dashboards and remediations. -
20
Entrust Identity Enterprise
Entrust
The world's most proven on-prem identity & access management (IAM) solution for strong digital security. Identity Enterprise is an integrated IAM platform that supports a full suite of workforce, consumer, and citizen use cases. Ideally suited for high-assurance applications that require a Zero Trust approach for thousands or millions of users, Identity Enterprise can be deployed on-premises or as a virtual appliance. Never trust, always verify. Protect your organization and user communities both inside and outside the perimeter. Secure workforce, consumer, and citizen identities with high assurance use case coverage including credential-based access, smart card issuance, and best-in-class MFA. Limit user friction with adaptive risk-based authentication, passwordless login, and cloud app federation. Option to use digital certificates (PKI) for a higher level of security when and where warranted, either with a physical smart card or a virtual smart card. -
21
PlainID
PlainID
PlainID is The Authorization Company. PlainID provides both Business AND Admin teams with a simple and intuitive means to control their organization’s entire authorization process, all based on your own business logic. The platform allows you to implement literally any kind of rules you could imagine, all without coding, and all in fine grained detail. PlainID simplifies Authorization so that thousands of Roles, Attributes and even Environmental Factors can be converted into a few logical SmartAuthorization policies using our Graph Database Decision Engine. In-depth Analytics and Insights: PlainID provides unobstructed visibility with a full audit trail. Compliance, regulation and audit requirements, they’re easy to manage on a simple graph-based UI. Access is determined dynamically and in real time, based on user attributes, environmental attributes (time, location, etc.) as well as event based authorizations. PlainID combines ABAC & RABC to a united policy. -
22
Sentri
Sentri
Sentri is a robust security platform, which is a perfect blend of information, technology and infrastructure. You dreamt of a product that’s intuitive, smart & applicable at all levels of users? Implementation of an identity solution in an organization, to thwart cyber-attacks involves shelling out for licensing, hardware & resources. Here’s where SENTRI brings a cost effective and an efficient suite of access governance & control solutions. Sentri is an one-stop solution for all of your access governance needs, to enable organizations to manage their access rights while , keeping their data secure, both of Cloud and On Premise. We are here to empower you with speedy response seamless self-service and streamlined support, to your satisfaction. Sentri is a one-stop solution to all your IAG (Identity Access Governance), IRM (Integrated Risk Management) and GRC (Governance Risk Compliance) requirements. -
23
Aquera
Aquera
The Aquera Identity Integration Platform as a Service is a cloud-based service that provides SCIM gateway services for account provisioning and aggregation, orchestration services for user and password synchronization, workflow services for the governance of disconnected applications, password rotation gateway services for privileged account management, and an extensive supporting catalog of out-of-box connectors for cloud or on-premises applications. Out-of-the-box and built on-demand connectors are plug-n-play from identity management platforms, privileged account management platforms, or HR applications to any cloud or on-premises application, database, directory, device, or B2B portal. The identity integrations require zero coding and rapidly deploy in minutes. The platform features multi-purpose gateway services and out-of-the-box connectors for user provisioning/deprovisioning, HR application user onboarding/mastering, delta account aggregation, file operations, etc. -
24
Tuebora
Tuebora
Natural language user interface eliminates UI adoption risks. Complete deployment in just a few weeks. Augment or replace with only the microservices you need. Fast-build SCIM compliant connectors. Design new IAM processes that fit your organization. Machine learning pinpoints errors and finds efficiencies. Support your “Cloud-first” strategy. Built for the cloud to control identity everywhere. Smart Businesses Rely on Tuebora’s platform of identity solutions to unlock business value and reduce risk. Use our Natural Language User Interface to communicate hundreds of IAM scenarios to your business applications. Suddenly, your IAM processes are natural, fast and agile. Our implementation of machine learning identifies unused account access and provisioning activities performed outside established processes. Rapid adoption of cloud applications requires managing identity everywhere. Traditional vendor solutions don’t natively support cloud identity needs. -
25
Opal
Opal
Opal is a security platform that enables organizations to scale least privilege, creating new ways for teams to work smarter. We believe access should be decentralized, self-service, and integrated with the technologies your team already uses. Remove bottlenecks. Delegate access requests to those who have the most context. More context = faster and better decisions. Intelligent automation. Let Opal handle it all, giving access when it matters most, sending automatic reminders, and removing access when no longer needed. Transparency matters. Be on the same page about who approves access, who has access to what, the status of requests, and more. Skip the game of telephone! Companies give out far too much access. Access is granted in a way that is overly coarse and often for an indefinite amount of time. Most companies have painfully manual and inconsistent ways of granting just-in-time access. -
26
BalkanID
BalkanID
Leverage AI to automate discovery & risk prioritization of entitlement sprawl. Streamline access reviews & certifications across the public cloud and SaaS landscape. Connect all third-party integrations to the BalkanID dashboard. Integrations are supported for the most commonly used SaaS apps. Single pane of glass for coarse and fine-grained entitlements, as well as outliers across SaaS and public cloud environments. Simplify the access review and certification process across the SaaS and public cloud landscape. Leverage data science and machine learning to provide visibility into entitlement risks across SaaS and public cloud environments. Discovery and prioritization of entitlement risks. Discover, normalize and attribute entitlement taxonomy and associated data sets, to ensure that while an access review can be high-level there is still detailed data (permissions, roles, groups, etc.) to support certification actions. -
27
Entitle
BeyondTrust
Entitle fuses a security-first approach to provisioning and governance, with a commitment to business enablement for all teams, from R&D and sales to H&R and finance. Speed up provisioning to unlock security policies that automatically update with changing infrastructure and employee needs. Grant permissions to specific resources, like Google Drive folders, database tables, Git repositories, and more. Keep privileged resources and roles safe by granting access only when needed, and removing them when not. Give peers, managers, and resource owners the power to approve access requests, for authorizations you can trust. With automated access requests and zero-touch provisioning, DevOps, IT, and all teams can save serious time and resources. Users can request access to what they need via Slack, Teams, Jira, or email for a seamless approval process. Grant bulk permissions for fast onboarding and offboarding to keep up with organizational changes. -
28
Core Security Access Assurance Suite
Core Security (Fortra)
As part of the Core Security Identity Governance and Administration portfolio of solutions, previously known as Courion, Access Assurance Suite is an intelligent identity and access management (IAM) software solution that enables organizations to deliver informed provisioning, meet ongoing regulatory compliance, and leverage actionable analytics for improved identity governance. Comprised of four industry-leading modules, our identity management software offers the most intelligent and efficient path to mitigating identity risk, and provides a complete solution for streamlining the provisioning process, reviewing access requests, managing compliance, and enforcing robust password management. A convenient web portal where end users can request access and managers can review, approve, or deny access. Using a shopping cart approach, Core Access delivers an efficient and user-friendly experience, replacing paper forms, emails, and tickets used to manage access.
- Previous
- You're on page 1
- Next
