By Rajat Bhargava Posted June 6, 2017
Can your organization create one set of credentials for AWS cloud servers, your GitHub repos, Atlassian Cloud services, Jenkins, Docker, OpenVPN, and your developer’s Linux machine all at the same time? On top of that, can it utilize an already existing G Suite or Office 365 identity to create those credentials? For most organizations this is an exceedingly difficult task. All of those various IT resources are well within the norm for any DevOps organization, yet centrally managing user accounts on them is not easy.
DevOps and identity management have historically been a difficult combination. JumpCloud’s Directory-as-a-Service® is changing that.
IAM Solutions in the DevOps World
As more DevOps engineers push harder to automate and secure their ever-increasing production, staging, test, and development infrastructures, the pressure to have a coherent identity management strategy is high.
Historically, the problem was much easier to solve. Most organizations leveraged Microsoft Windows as their platform of choice, and the IT infrastructure was all located on-prem. Over the last decade, as technical organizations have become more critical parts of the business, the approach to centrally controlling identities has been top of mind. A compromised identity with access to mission-critical servers, source code, or data could be catastrophic to an organization.
Challenges With Managing DevOps Tools
Conventionally, the path to managing access to this wide variety of DevOps tools has been largely manual. Either admins and engineers manually update user accounts, or they have the option to write scripts via Chef, Puppet, Salt, Ansible, or other configuration management solutions. Sometimes DevOps engineers will implement an OpenLDAP™ or Active Directory® server, but that results in having two directory solutions to worry about. The problem is not an easy one to solve.
The challenges stem from the fact that there isn’t one way to authenticate or provide access control to all of the various types of DevOps solutions. Some DevOps tools live on-prem, and LDAP authentication can work well with them. Others live on the web and require SAML, and LDAP doesn’t work as well with them. Still other pieces of cloud infrastructure may require other protocols, and some may even require native integration. All of this means that DevOps organizations either implement multiple solutions or end up handling the process manually.
Solving the DevOps and Identity Management Challenges
The good news is that there is a great deal of innovation going on in the cloud identity management space. A virtual identity provider called Directory-as-a-Service can securely manage and connect user identities to the IT resources those users need including systems (Windows, Mac, and Linux), cloud and on-prem servers (e.g. AWS, Google Cloud, Azure, your own data center), web and on-prem applications via LDAP and SAML, and wired and WiFi networks through RADIUS. This approach to identity and access management is getting DevOps organizations closer to the goals that they are seeking with identity management – one identity across a wide variety of solutions.
Identity Management for the DevOps Landscape
If you would like to learn more about DevOps and identity management, drop us a note. Alternatively, check out our cloud directory service for yourself. See how one identity can be leveraged across a person’s laptop or desktop, cloud servers at AWS, GitHub, Atlassian Cloud, Jenkins, and more. Your first 10 users are free forever.