Onboarding cloud accounts

PingOne Privilege enables passwordless, just-in-time (JIT) access to resources across the following cloud infrastructures:

While cloud providers offer many predefined roles, they can often be overly permissive. PingOne Privilege helps enforce least-privileged access by creating and deleting dynamic roles on-demand through automation.

Primary supported resources

The following table summarizes the primary resources supported for each cloud provider.

Cloud

Servers

RDP Servers

Databases

Kubernetes Clusters

Cloud CLI

Console Login

AWS

EKS

AWS CLI

Azure

AKS

Azure CLI

GCP

GKE

gcloud CLI

Resources available through CLI and assumed roles

The following resources are accessible through the command-line interface (CLI) or by using assume-role functionality.

Cloud	Resources
	EC2 Instance EC2 Key Pair EC2 Network Interface EC2 EBS Volume EC2 Security Group EC2 Elastic IP EKS Namespace KMS Key RDS DB Instance S3 Bucket VPC
	AKS Namespace Load Balancer Managed Cluster Microsoft Entra ID MySQL Flexible Server PostgreSQL Flexible Server Resource Group SQL Server SQL Server Database Subscription Virtual Machine
	BigQuery Table Cloud Bigtable Instance Cloud Functions Compute Instance Folder GKE Namespace Organization Project Pub/Sub Topic Service Account SQL Instance Storage Bucket VPC Network

Cloud

Resources

EC2 Instance
EC2 Key Pair
EC2 Network Interface
EC2 EBS Volume
EC2 Security Group
EC2 Elastic IP
EKS Namespace
KMS Key
RDS DB Instance
S3 Bucket
VPC

AKS Namespace
Load Balancer
Managed Cluster
Microsoft Entra ID
MySQL Flexible Server
PostgreSQL Flexible Server
Resource Group
SQL Server
SQL Server Database
Subscription
Virtual Machine

BigQuery Table
Cloud Bigtable Instance
Cloud Functions
Compute Instance
Folder
GKE Namespace
Organization
Project
Pub/Sub Topic
Service Account
SQL Instance
Storage Bucket
VPC Network