OneLogin, a leader in Identity and Access Management, announced support for AWS Session Tags, an identity service capability from Amazon Web Services (AWS). Building on OneLogin's existing IDaaS solution for AWS, support for AWS Session Tags can make it easier for enterprises to implement Attribute Based Access Control (ABAC) for secure authentication and authorization to multiple AWS accounts. Customers can enhance security by adding tags to extend access permissions across their AWS infrastructure. To learn more, check out the OneLogin-AWS solution partner page.

"This collaboration is a perfect pairing of AWS's tremendous platform and OneLogin's access management capabilities," said Venkat Sathyamurthy, chief product officer at OneLogin. "With more than one million organizations using AWS all across the globe, we can help make a profound impact on digital security worldwide."

The enhanced integration combines OneLogin's access capabilities with AWS Session Tags, a new component of AWS's role setup, for improved access security. OneLogin, as the identity provider, is the authoritative attribute source when federating users. AWS Session Tags allow admins to assert a "tag", based on directory attributes, which corresponds to specific access permissions.  Rather than defining and asserting a specific set of permissions for each user that would use AWS, OneLogin customers can now pass attribute tags during login to determine user's experience and permissions as they access AWS resources. These tag associations are also valid across multiple AWS accounts and actions, making it easy to implement least-privileged access at scale.

"With this integration, customers can manage fewer access control objects in their AWS environment, yet achieve the same level of granular controls," said Ehud Amiri, senior director of product management at OneLogin. "This means that they can scale better and save on administration costs."