JumpCloud Office Hours: Join our experts every Friday to talk shop. Register today

Google Cloud IAM



Google recently announced Google Cloud IAM (Identity and Access Management). It is a free tool that sits on top of Google Cloud that helps organizations to control their cloud infrastructure at Google Cloud. At a high level, you can think of Google Cloud IAM as analogous to AWS IAM. Yet it is very different from cloud directory services, such as our Directory-as-a-Service® platform and also what Google is thinking about with respect to Identity Management Services.

What Google Cloud IAM Does

Google Cloud IAM is a management tool for Google Cloud that focuses on how to manage access to Google Cloud projects. The idea behind their identity service solution is to provide a mechanism to control who has access to projects, who can create projects, and what actions individuals can take on projects. Cloud IAM can go deeper, giving IT organizations more granular control over specific resources as well.

Google Cloud IAM leverages the concept of groups as well as users’ existing Google identities. Policies can be created based on roles or functions within an organization to provide easy access control. All changes and updates to the Cloud IAM platform are logged for auditing purposes. You can also manage Cloud IAM via the web console or through APIs, thereby giving you the opportunity to tightly integrate it with your applications and configuration management infrastructure.

What Google Cloud IAM Doesn’t Do

Like AWS IAM and Azure Active Directory, Google’s Cloud IAM platform is focused only on their own infrastructure unlike a cloud identity management platform. Think of Cloud IAM as your access control system for the Google Cloud management console. Cloud IAM does not function like a central directory service similar to Active Directory, OpenLDAP, or Directory-as-a-Service. Access to the Google Cloud servers at the server level is handled by a separate system. One such cross-platform IDaaS solution is Directory-as-a-Service.

How to Extend Google Identities to Systems & Networks

Organizations that are leveraging Google Cloud should absolutely utilize Cloud IAM. It will help them lock down access to the right individuals for creation and management of Google Cloud projects. For individual cloud server access management, we’d also suggest that IT organizations look to complement Cloud IAM with Directory-as-a-Service. The cloud-hosted directory service can tightly manage the access to Windows and Linux cloud servers, whether they are hosted at Google Cloud, AWS, Azure, IBM Softlayer, Digital Ocean, or others.

JumpCloud®: The Clear Solution For Cloud Server Access

The concept of controlling access needs to occur at the lowest levels – server and file / application resource level. And it must continue through the highest abstraction layers, for instance, who can control projects at Google Cloud. Directory-as-a-Service can step up to the task of being a central directory service for cloud servers.

If you would like to learn more about Google Cloud IAM and how it can help you as well as how it can complement your cloud directory service plans, drop us a note. Also, please sign up for a free account and give it a try for yourself. Your first 10 users are a free forever.


Recent Posts
The MDM Custom Configuration Profile policy gives admins new device management controls that they can use fit to their organizations’ needs.

Blog

Deploying Custom Configuration Profiles to MDM-Enrolled macOS Systems using a JumpCloud Policy

The MDM Custom Configuration Profile policy gives admins new device management controls that they can use fit to their organizations’ needs.

OpenLDAP and Apache Directory Server are both popular solutions — but another alternative is cloud-hosted LDAP. Try JumpCloud free today.

Blog

Apache Directory Server vs. OpenLDAP

OpenLDAP and Apache Directory Server are both popular solutions — but another alternative is cloud-hosted LDAP. Try JumpCloud free today.

See all of the new features and updates available in Directory-as-a-Service in the July '20 edition of the JumpCloud Newsletter.

Blog

July ’20 Newsletter

See all of the new features and updates available in Directory-as-a-Service in the July '20 edition of the JumpCloud Newsletter.