Unified Identity Governance for Entra & AWS IAM

Release Date: January 22, 2026

We are excited to announce expanded governance support for Microsoft Entra ID and AWS IAM. This update provides a unified source of truth for your cloud identity footprint, allowing you to manage risk and visibility across fragmented environments from a single pane of glass.

Core Identity Capabilities

  • Unified Visibility: Map identities across your cloud infrastructure in a single platform, utilizing an enriched graph view to understand complex relationships between identities, policies, and secrets.
  • Risk-Based Prioritization: The new risk criticality score automatically surfaces high-impact threats—such as leaked credentials, cross-environment secrets, and orphaned accounts—so you can focus remediation where it matters most.
  • Secure, Secret-less Auth: Both integrations leverage OIDC (OpenID Connect) for credential-free, short-lived token-based access, eliminating the need for long-lived secrets.

Deep Cloud Integration

While providing a unified view, NHI Governance captures the unique architecture of each provider to ensure complete coverage:

  • For Microsoft Entra ID: Gain transparency into Users, Service Principals, and Managed Identities, as well as both Security and Distribution Groups.
  • For AWS IAM: Audit your posture by tracking Users, Roles, and Groups with full metadata.

Getting Started

  • To begin syncing your identities, visit the integration documentation for setup instructions and required permissions: 👉 Microsoft Entra ID Setup | AWS IAM Setup
  • Available to NHI Governance paying customers.

Enhancements

  • GitHub Check Runs: Updated the neutral check run message to clarify that no new secrets are detected in merge queues, as scanning already occurred during PR review.

Fixes

  • Secrets Validity Checking: Fixed an issue preventing validation of Google Cloud Keys secrets that resulted in "failed to check" errors.
  • List of detectors in the settings: Fixed an issue where the validity check filter was not working properly.
  • GitLab Integration: Fixed a broken link in the error message shown for an unhealthy health check; the link led to a 404 error.
  • Health Check Email Notifications: Fixed an issue where GitLab integration health check emails incorrectly displayed "Bitbucket" as the source.
  • Container Registries: Enhanced JFrog compatibility by implementing checksum search fallback when Docker image layers are not found via standard endpoints.
  • Analytics Overview: Fixed misleading MTTR values by displaying "N/A" instead of "0" when no data is available.