TL;DR: Cloud security programmes are increasingly judged on identity security across humans, machines, and AI agents, according to 1Password. The governance challenge is no longer just access management, but continuous authorisation, credential visibility, and auditability across expanding workloads.
NHIMG editorial — based on content published by 1Password: 1Password becomes AWS Security Competency Partner
By the numbers:
- Only 5.7% of organisations have full visibility into their service accounts.
Questions worth separating out
Q: How should security teams govern non-human identities in AWS environments?
A: Treat every service account, token, and API key as a governed identity with an owner, purpose, review cycle, and revocation path.
Q: Why do AWS cloud environments increase NHI governance complexity?
A: AWS environments increase governance complexity because access is distributed across applications, pipelines, integrations, and now AI-assisted workflows.
Q: What breaks when organisations rely on point-in-time access reviews for cloud identities?
A: Point-in-time reviews miss the period between approval and use, which is where many cloud identity risks accumulate.
Practitioner guidance
- Build a single inventory for cloud and non-human identities. Track service accounts, API keys, tokens, certificates, and agent identities in one ownership model so review, rotation, and revocation are not separated across teams.
- Tie every AWS credential to a named lifecycle owner. Assign one accountable owner for provisioning, rotation, exception handling, and removal so no credential sits outside an explicit governance path.
- Verify that audit logs capture agent and workload actions. Check that access logs show which identity acted, what resource was reached, and whether the action came from a human, workload, or AI agent.
What's in the full analysis
1Password's full article covers the operational detail this post intentionally leaves for the source:
- The AWS Competency context and designation criteria that explain why the announcement matters for cloud buyers.
- The 1Password platform positioning around discovery, secure access, and audit across human and AI agent identities.
- The customer example showing how device health, flexibility, and security requirements are balanced in practice.
- The partner and product resources that expand on unified access and SOC workflow automation.