By Rajat Bhargava Posted March 7, 2017
Google’s been making a major effort with their Google Cloud platform. They are playing catch-up to both AWS and Azure, so they are pulling out all of the stops. They’ve changed the name and have a number of new products and services. Many of those solutions are focused on how to help IT organizations manage cloud infrastructure. This ends up raising a question about identity and access management solutions and pits Google’s Cloud IAM against Directory-as-a-Service®.
Unfortunately, with the onslaught of solutions that are tied to Google Cloud, there can be a great deal of confusion. Google likes to tout their 500 security engineers as well as their focus on security. Some of that focus has been on identity management or what they might refer to as identity management services, and Google Cloud IAM is one of their solutions.
What Is Google Cloud IAM?
Google Cloud IAM is a cloud identity management solution for managing access to the web management console for Google Cloud. The idea is for IT organizations to be able to tightly control who can spin up projects, modify configurations, and subscribe to events, among many other items. It should be noted that Google’s Cloud IAM is focused on being able to manage Google Cloud. It is neither focused on the cloud server layer nor on managing systems and devices at that layer. Google Cloud IAM is viewed as competing with AWS IAM, which makes a lot of sense since Google’s Cloud is primarily competing with AWS.
How it Differs From Directory-as-a-Service®
As the image above shows, Google Cloud IAM doesn’t manage systems, WiFi networks, or infrastructure (e.g. cloud and on-prem servers). That’s a dramatic difference from an IDaaS solution such as Directory-as-a-Service.
The goal of the virtual identity provider is to be the independent, central directory service across an organization. Users can be securely connected to the IT resources that they need, including systems, applications, and networks. Those systems can be Windows, Mac, or Linux and can be on-prem or in the cloud. The benefit of this approach is that cloud servers can be managed at AWS, Azure, or Google Cloud, among many others. Cloud and on-prem applications leveraging SAML and LDAP can also be managed for user access. Access to the network can be controlled via RADIUS.
In short, Directory-as-a-Service is the modern replacement for Active Directory and OpenLDAP.
Directory-as-a-Service is in stark contrast to Google Cloud IAM. One is a central identity provider and the other is a user management system for their own cloud platform. In fact, both could be used in a complementary fashion with Directory-as-a-Service functioning as the centralized identity management solution for the organization.
Using Google and JumpCloud Together
If you would like to learn more about Google Cloud IAM vs Directory-as-a-Service, drop us a note. We’d be happy to walk you through the differences and when each cloud identity management solution is right for a situation. Also, sign up for Directory-as-a-Service and see how you can integrate it with your Google Cloud servers and infrastructure. Your first 10 users are free forever.