What is AWS (Amazon Web Services)? AWS is a Cloud Infrastructure-as-a-Service (Cloud IaaS) platform offering compute power, data storage, and a wide array of other IT solutions and utilities for modern organizations. AWS was launched in 2006, and has since become one of the most popular cloud platforms currently available.
AWS offers numerous advantages for organizations like reduced management overhead, simplified implementation, and significantly reduced costs versus comparable legacy solutions. In fact, AWS has been such a game changer that many organizations are eliminating on-prem data centers altogether in favor of hosted implementations from AWS.
AWS in the Beginning
One of the most powerful services offered by AWS was also one of the first released in 2006. Amazon refers to this service as the Elastic Compute Cloud (EC2). EC2 effectively enables AWS customers to lease virtual systems, managed by AWS, upon which organizations can run their own applications and resources.
In doing so, AWS made it possible for organizations to eliminate the need to build and maintain a private, on-prem infrastructure to reach the same end. Instead, organizations only paid for what they used, creating a far more scalable model without the management overhead of hosting the same architecture on-prem.
The result was that organizations could instead focus their efforts and capital towards more important tasks like developing their products. EC2 has been so successful that Amazon has subsequently added a large number of additional IT resources and utilities that follow the same model.
AWS Checks Many Boxes
Today, AWS offers over 90 fully featured services for compute, storage, networking, analytics, application services, deployment, identity and access management, directory services, security – the list goes on. All of which offer powerful, cloud based, pay-as-you-go alternatives compared to their legacy counterparts.
These solutions have made it possible for organizations to shift their entire data center to the cloud. The benefits for organizations is that there is no longer a need to build data centers on-prem, nor incur the massive costs of data center builds and operations. IT doesn’t have to worry about implementation, integration, networking, and everything else that comes with building a data center. Rather, organizations simply use what they need.
AWS has steadily chipped away at the on-prem foundation that has traditionally supported the IT infrastructure in most organizations. In fact, it’s not uncommon for newer organizations and startups to leverage AWS (and other cloud service providers) for the majority of their IT resources.
Top 5 Benefits of AWS:
- Minimize investment, maintenance, and management overhead for on-prem solutions
- Leverage resources that are highly reliable, always on, and globally available
- Increase productivity by providing the right tools to get the job done
- Heighten security with modern cloud security standards
- Improve scalability with pay-to-play pricing
Limitations of AWS
AWS certainly does not leave much to be desired. Yet, implementing AWS is not without its own set of challenges. Some of the most significant challenges exist within the identity and access management (IAM) space and particularly with directory services.
For example, AWS offers a solution for IAM, aptly named AWS IAM. What is AWS IAM? AWS IAM is an excellent solution for managing AWS user accounts and web consoles. The challenge is that AWS IAM, not surprisingly, is ONLY for managing AWS user accounts and web consoles.
The unfortunate side effect of this approach is that organizations will require additional IAM solutions for resources separate from AWS like systems (e.g. Windows, Mac, Linux), networks (both WiFi and on-prem), applications (SAML, LDAP), data, servers, and anything else living outside of the AWS ecosystem. This is a major pain point for a lot of IT administrators leveraging AWS.
AWS’ response to this issue comes in the form of the AWS Directory Service solution. The AWS Directory Service allows AWS to sync with an existing Microsoft Active Directory® (AD) instance either on-prem or managed by AWS. AD identities can then be federated to only AWS under this model.
The trouble with this approach is that organizations are required to implement that which they were trying to avoid in the first place. That is, investing heavily in the on-prem infrastructure necessary to support AD. At any rate, organizations will be stuck with AD and must then face the limitations inherent to AD itself.
Fortunately, this cloud has a silver lining in the form of a new cloud directory service solution from JumpCloud. This solution is called Directory-as-a-Service®.
What is AWS with Directory-as-a-Service
Directory-as-a-Service is a comprehensive cloud based directory service platform. It is effectively the true cloud-based alternative for Active Directory, which enables seamless management for all of an organization’s IT resources.
Directory-as-a-Service seamlessly integrates with AWS to extend JumpCloud managed identities to authenticate with AWS resources. The concept is somewhat similar to the AWS Directory Service solution hosted at AWS, except that there isn’t a reliance on Active Directory. Additionally, IT admins can seamlessly integrate their identities into one platform rather than multiple and AWS Linux servers can be managed from a user and device perspective as well with Directory-as-a-Service.
Directory-as-a-Service goes much further to provide the ability to securely manage and connect user identities (e.g. onboarding, provisioning resources, managing secure credentials) to systems (e.g. Windows, Mac, Linux), applications (e.g. SAML, LDAP), cross platform GPO-like capabilities, WiFi authentication with RADIUS, Samba file servers, and can even sync with existing directory databases (e.g. Active Directory, Office 365, G Suite, LDAP).
The result is that IT admins can now manage access to resources on AWS as well as the entirety of their IT resources, both on-prem and web-based, from one centralized management platform in the cloud.
To learn more about what is AWS, and how Directory-as-a-Service can help manage access to AWS and everything else you need to get the job done, drop us a note. You can also sign up for an account and start managing AWS resources today. Your first ten users are free forever.
This is a Security Bloggers Network syndicated blog post authored by Vince Lujan. Read the original post at: JumpCloud