AWS and Google Cloud Platform are archenemies, so why would Google enable their identities to work with AWS servers? They won’t. But you can authenticate AWS servers with Google Cloud Identity by leveraging a third-party cloud IAM solution, Directory-as-a-Service®.
The fact that these two tech titans are at each other’s throats isn’t a good sign for customers since many are using both of them. The good news is that there are ways to get them to work together. Google recently introduced their version of IDaaS called Google Cloud Identity. Could this recent IDaaS platform be a solution for customers who want to authenticate AWS servers with Google Cloud Identity?
For many, it may be unclear what Google Cloud Identity is and what it can authenticate to. This ends up creating confusion about where Google’s identity services fit in the broader identity management market. Let us try to clarify.
What is Google Cloud Identity?
Google Cloud Identity is Google’s user management platform for G Suite, Google Cloud Platform, and a few select web applications. Unfortunately, Google identities don’t automatically federate to AWS cloud servers, on-prem systems (Windows, Mac, Linux), on-prem and web applications, physical and virtual storage systems, and wired and WiFi networks.
If G Suite Directory is the only directory in place in your IT environment, then part of your infrastructure is either being managed manually or not being managed at all. This means you can’t be certain that SSH keys are being properly stored, that users are following company password guidelines for all of their resources, or that systems are complying with company policies. Fortunately, a directory service does exist that offers seamless integration with G Suite Directory.
Authenticate AWS Servers with DaaS
Google identities can be managed from Directory-as-a-Service and subsequently federated to third-party platforms and providers. That means a user’s Google Cloud Identity can also be the same one that is used for access to AWS, Azure, and DigitalOcean, to name a few. With that same Google Cloud Identity, users can also access their systems, networks,
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Natalie Bluhm. Read the original post at: https://jumpcloud.com/blog/authenticate-aws-servers-google-cloud-identity/