Google Cloud Platform™ (GCP) has become a popular alternative to AWS® and Azure®. All three platforms have become quite successful, and IT organizations are shifting their server infrastructure to the cloud. The question for IT admins as they move to a hybrid cloud/on-prem environment is how to make Google Cloud server authentication actually work.
Why Manage Access to Google Cloud Servers?
Managing user access to servers has always been a critical task. As a result, whole categories of solutions have been created around it, such as privileged identity management tools. When the data center was on-prem or connected to the core IT infrastructure via VPN, Microsoft® Active Directory® (AD) would often provide the server authentication function. Yet, as the on-prem server infrastructure moved to the cloud, challenges arose.
One of the major challenges was how to control user access to cloud servers. The on-prem identity provider, usually Active Directory, didn’t easily extend to the cloud. Active Directory also relied on a direct-connect model, in which a server needed a direct network path to AD to authenticate user access. This was accomplished via VPNs and dedicated network connections. As the server infrastructure moved into the cloud, however, direct access to Active Directory became much more difficult. IT organizations and DevOps engineers would end up having to create additional VPNs, and networking the cloud servers to the on-prem AD instance wasn’t easy.
In the end, that approach proved quite painful. IT admins and DevOps engineers started to fall back on other options: manual user management and configuration management tools. Both of these were obviously less than ideal. So, while moving the server infrastructure to an IaaS platform such as Google Cloud Platform is valuable, it can cause problems with cloud server authentication.
Google Cloud Server Authentication and More
The good news is that there is a modern cloud identity management platform that seamlessly integrates with Google Cloud Platform to help solve this problem. It’s called JumpCloud® Directory-as-a-Service®, and it is essentially the holy grail when it comes to (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/google-cloud-server-authentication/