By Jon Griffin Posted June 10, 2017
In the era of DevOps, there is no shortage of interesting tools to help organizations improve their efficiency and automation. Interestingly though, the identity management world has largely been left behind. The approaches that DevOps teams are taking are fairly manual and intensive. A great deal of the scarcity of DevOps tools for cloud identity management stems from how the identity and access management world has evolved.
Background on Identity Management
To understand why cloud IAM solutions haven’t really emerged for use with DevOps, you need to go back to when modern identity management emerged. Identity management first got started with the creation of LDAP by our advisor Tim Howes and his colleagues at the University of Michigan. This kicked off a new category in the IT space, and directory services became an important part of the overall IT infrastructure.
Of course, as we all know, Microsoft Active Directory® would go on to dominate the market, with OpenLDAP™ as the open source alternative. Other identity management categories, like privileged identity management, web application single sign-on, and others, would come and go, but these only served to add on to the larger directory. The challenge for technical organizations was always: “How can I connect a disparate set of platforms, providers, infrastructure components, and more into one cohesive identity management platform?”
The truth was that they couldn’t. Active Directory didn’t want to play nice with Unix systems and network infrastructure. OpenLDAP wasn’t really a fit with Windows and Mac devices and was hardly easy to administer. So IT admins and DevOps engineers were largely forced to stitch together their identity management approach by themselves.
Modern Identity Management
As DevOps started to take hold in organizations and delivery shifted to the cloud and web applications, the problem only expanded. Because of how infrastructure was now being managed, greater automation and security were needed as well. Clearly, OpenLDAP and Active Directory were not ideal solutions within the DevOps framework.
Many DevOps engineers started to shift to configuration management solutions where they could write code to manage their IAM functions. Others would write homegrown scripts to deploy users on their AWS servers, Docker instances, or Jenkins servers. All of these approaches added work and more moving parts. They were hardly less work or IT friendly.
Then a new approach emerged to DevOps with cloud identity management. This solution, called Directory-as-a-Service®, securely manages and connects user identities to IT systems regardless of their platform, provider, protocol, or location. This means that an engineer can have the same identity for their G Suite email, AWS cloud servers, GitHub repos, and much more. The beauty of this approach is that you can stitch together all of these different DevOps tools with one identity across them. Now, DevOps engineers can automate and secure the process of identity management from one ‘pane of glass’.
Learn More About the DevOps Tool for Cloud IAM
If you would like to learn more about the DevOps tool for cloud identity management, drop us a note. We’d be happy to walk you through how our virtual identity provider is the next generation of cloud IAM. Additionally, feel free to try our cloud directory service for yourself. You can sign up for a free account and your first 10 users are free forever.