---
title: Onboarding cloud accounts
description: Enable passwordless, just-in-time access to resources across various cloud infrastructures.
component: privilege
page_id: privilege:configuration:cloud-accounts
canonical_url: https://docs.pingidentity.com/privilege/configuration/cloud-accounts.html
revdate: May 4, 2026
section_ids:
  primary-supported-resources: Primary supported resources
  resources-available-through-cli-and-assumed-roles: Resources available through CLI and assumed roles
---

# Onboarding cloud accounts

PingOne Privilege enables passwordless, just-in-time (JIT) access to resources across the following cloud infrastructures:

* [Amazon Web Services (AWS)](cloud-accounts/aws.html)

* [Azure](cloud-accounts/azure.html)

* [Google Cloud Platform (GCP)](cloud-accounts/gcp.html)

While cloud providers offer many predefined roles, they can often be overly permissive. PingOne Privilege helps enforce least-privileged access by creating and deleting dynamic roles on-demand through automation.

## Primary supported resources

The following table summarizes the primary resources supported for each cloud provider.

| Cloud | Servers               | RDP Servers           | Databases             | Kubernetes Clusters | Cloud CLI  | Console Login         |
| ----- | --------------------- | --------------------- | --------------------- | ------------------- | ---------- | --------------------- |
| AWS   | [icon: check, set=fa] | [icon: check, set=fa] | [icon: check, set=fa] | EKS                 | AWS CLI    | [icon: check, set=fa] |
| Azure | [icon: check, set=fa] | [icon: check, set=fa] | [icon: check, set=fa] | AKS                 | Azure CLI  | [icon: check, set=fa] |
| GCP   | [icon: check, set=fa] | [icon: check, set=fa] | [icon: check, set=fa] | GKE                 | gcloud CLI | [icon: check, set=fa] |

## Resources available through CLI and assumed roles

The following resources are accessible through the command-line interface (CLI) or by using `assume-role` functionality.

| Cloud                                 | Resources                                                                                                                                                                                                                     |
| ------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| ![AWS logo](_images/aws-logo.png)     | * EC2 Instance

* EC2 Key Pair

* EC2 Network Interface

* EC2 EBS Volume

* EC2 Security Group

* EC2 Elastic IP

* EKS Namespace

* KMS Key

* RDS DB Instance

* S3 Bucket

* VPC                                          |
| ![Azure logo](_images/azure-logo.png) | - AKS Namespace

- Load Balancer

- Managed Cluster

- Microsoft Entra ID

- MySQL Flexible Server

- PostgreSQL Flexible Server

- Resource Group

- SQL Server

- SQL Server Database

- Subscription

- Virtual Machine    |
| ![GCP logo](_images/gcp-logo.png)     | * BigQuery Table

* Cloud Bigtable Instance

* Cloud Functions

* Compute Instance

* Folder

* GKE Namespace

* Organization

* Project

* Pub/Sub Topic

* Service Account

* SQL Instance

* Storage Bucket

* VPC Network |