Frequently Asked Questions

Value Proposition

Quiverstone is built to solve a specific problem for a specific kind of team. Start here to understand what the platform does, who it's for, and how it fits into your existing AWS environment.

  • Quiverstone is the multi-account management platform built for AWS Cloud Architects. It gives you a single, unified interface for discovery, inventory, access, and governance across every AWS organization you manage — whether you're running five accounts or five hundred. Think of it as two things in one: the quiver, a ready arsenal of specialized tools and deployment templates, and the stone, an unshakeable foundation for multi-organization governance at scale.

  • Quiverstone is purpose-built for Managed Service Providers (MSPs) who own infrastructure across multiple customer organizations, Cloud Consultants who need rapid and secure access across diverse client accounts, and Enterprise AWS teams governing large internal fleets. If your team is spending significant time navigating fragmented access controls and rebuilding governance frameworks from scratch, Quiverstone was built for you.

  • AWS Cloud Architects routinely lose hours navigating complex multi-organization environments with no unified view, inconsistent access patterns, and governance frameworks that must be rebuilt for every new client or account. Quiverstone consolidates organization management, resource discovery, secure account access, and developer tooling into a single platform — transforming that complexity into clarity so your team can manage hundreds of accounts with confidence.

  • Native AWS tools like AWS Organizations and Control Tower are powerful but were designed around a single-organization model and require significant effort in multi-tenant or multi-customer environments. Quiverstone layers on top of your existing AWS setup — no rearchitecting required — and adds cross-organization inventory, fine-grained access control, and shared tooling libraries that native tools don't provide out of the box. You keep using the AWS services you already know; Quiverstone handles the orchestration layer above them.

  • No — Quiverstone complements them. Your AWS Organizations structure and Control Tower guardrails remain in place and in effect. Quiverstone sits above that layer to give you unified visibility and access across all of them simultaneously. Think of it as the management cockpit that lets you operate your existing AWS architecture, not a replacement for it.

Technical & Security Implementation

Security and compliance are non-negotiable when granting any platform access to your AWS fleet. These answers cover how Quiverstone handles credentials, IAM access, audit logging, MFA, SSO, and our current compliance posture.

  • Quiverstone operates on a zero permanent credentials model. It uses your existing browser session to perform IAM role assumption into destination accounts on demand — no long-lived access keys are stored on Quiverstone's servers. Every access event generates a full CloudTrail audit trail in your own AWS environment, giving you an immutable record of who accessed what and when.

  • You have two options depending on your environment. You can deploy a new IAM role with a trust relationship pointing to Quiverstone's roles and teams, or you can reuse existing IAM roles already deployed within your customer accounts with no new configuration needed. Quiverstone's access control engine supports both direct and chained IAM role assumption with full External ID support, meeting the AWS-recommended standard for partner and third-party access patterns.

  • Not necessarily. Quiverstone is designed to work with your organization's existing roles already deployed within your customer accounts. If those roles meet the required trust conditions, you can onboard those accounts without deploying anything new. For fresh accounts, Quiverstone automatically scans your environments and inventories all new accounts without requiring manual configuration.

  • Item descriptionMulti-factor authentication (MFA) is available to all users on any plan and can be enabled at the individual account level. Admin-enforced MFA — where a subscription owner can require MFA across all team members — is not yet available but is planned for release in Q3/Q4 2026.

  • Quiverstone is an early-stage SaaS platform and formal SOC 2 Type II and ISO 27001 audit processes are planned to begin in Q1 2027. The platform is built on security-first principles — zero permanent credentials, IAM role assumption with External ID, and full CloudTrail audit logging within your own AWS environment. If your organization has a hard certification requirement today, we recommend reaching out to our team to discuss your timeline.

  • Quiverstone is hosted on AWS us-east-2 and is accessible globally. At this time, the platform does not offer region-specific data residency options. If your organization has a compliance requirement that mandates data processing or storage within a specific geographic region, we recommend evaluating whether this aligns with your needs before adopting the platform.

  • Quiverstone is an early-stage SaaS platform and does not currently publish a formal SLA. We operate on a best-effort basis and are committed to transparency about service health. You can monitor real-time and historical service status at status.quiverstone.io.

  • Custom SSO integration (SAML / external IdP) is on the roadmap and will be available at the Enterprise tier in a future release. For teams on the Free, Consultant, or Pro plans, authentication is handled natively through Quiverstone's own login system. Enterprise prospects with an SSO requirement should contact our sales team to discuss timeline and availability.

Implementation & Workflow

Quiverstone is designed to be up and running in a single session with no rearchitecting required. These answers walk through how onboarding works, how your team operates day-to-day, and what the platform looks like in practice.

  • Onboarding is designed to be fast. Because Quiverstone works with your existing IAM roles and AWS Organizations structure, there is no rearchitecting of your environment. The platform automatically discovers and imports your AWS Organization member accounts, so your full account inventory populates without manual entry. Most teams move from sign-up to active use within a single session.

  • Yes. Quiverstone lets you manage standalone accounts in the same unified view as your AWS Organization member accounts. You can categorize every account by Customer, Organization, or Project and tag engagements by type — Resale, Managed Services, Professional Services — so your team always has the right context at a glance.

  • Yes — and this is a core part of the platform's value. In addition to Quiverstone's built-in repository of common AWS Architect tooling, teams on Pro and Enterprise plans can build and share their own custom libraries of resources, tools, and deployment templates. Your organization's institutional knowledge — runbooks, standard deployment patterns, compliance scripts — lives in a shared, accessible layer rather than scattered across individual machines or private repos.

  • Quiverstone uses your cached current browser session to assume the appropriate IAM role into a destination account — no copying access keys, no re-authenticating per account. The result is one-click access to any account in your fleet with a full CloudTrail audit trail, following the same secure access pattern AWS recommends for partner environments.

  • CLI access is available at the Enterprise tier. A full programmatic API is planned for a future release, also at the Enterprise level. If API-driven workflows or infrastructure-as-code integration are requirements for your team, reach out to discuss your use case.

Pricing & Scaling

From solo practitioners to large MSP teams, Quiverstone offers a plan for every stage of growth. These answers cover our tier structure, seat model, free trial, and what to expect as your organization scales.

  • Quiverstone offers four tiers. The Free plan is $0 forever and supports up to 2 AWS Organizations, 3 standalone accounts, 2 customers, and 1 user — no credit card required. The Consultant plan is $29/month and supports up to 5 organizations, 5 standalone accounts, 5 customers, and 3 seats. The Pro plan is $99/month and supports up to 30 organizations, 20 standalone accounts, unlimited customers, and 10 seats with multi-team access. The Enterprise plan is custom-priced and offers unlimited organizations, accounts, customers, and seats, along with CLI access, Custom SSO, and priority support. All paid plans include a 5-day free trial.

  • Yes — all paid plans include a 5-day free trial so you can evaluate the full feature set at your target tier before being charged. No credit card is required to begin. If you want a permanent no-commitment entry point, the Free plan is available forever with no expiration.

  • Quiverstone is priced on a per-seat, per-tier basis. The Consultant plan includes 3 seats under a single team with no granular roles or groups. The Pro plan includes 10 seats with multi-team access, group-based account access control, and role assignment for users and groups. The Enterprise plan supports a custom number of seats with the full feature set. You pay for the tier that matches your team's current scale and can upgrade as you grow.

  • Enterprise adds unlimited AWS organizations, standalone accounts, and customers, the full utility and feature set, CLI access, Custom SSO integration, and priority feature requests and support. Pricing is custom based on your team's size and requirements — contact our sales team to get a quote.

  • It depends on your plan. The Pro plan supports up to 30 AWS Organizations and 20 standalone accounts, which covers most growing MSPs and consulting practices. The Enterprise plan offers unlimited organizations and accounts for teams managing at full scale. The Free and Consultant tiers are designed for smaller environments and individual practitioners getting started.