Google Cloud IAM vs Active Directory

Many IT and developer organizations are trying to figure out how to think about Google Cloud IAM. What exactly is Cloud IAM? How can it help an organization? Views of it range from a user management system for Google Cloud to a central identity provider for an organization.

This blog post addresses the choice between Google Cloud IAM vs Microsoft Active Directory.

The good news is that when you are comparing these two identity and access management solutions, you are really choosing between apples and oranges. Both solutions can be valuable to an organization. In fact, both solutions may be used in conjunction with each other, although the movement to replace Active Directory is making that less prevalent.

Google Cloud IAM

As IT organizations shift to the cloud, choices such as Google Cloud are an important part of the overall infrastructure. Google Cloud is competing heavily with AWS and Azure. Shifting on-prem data centers to cloud-hosted infrastructure is wise for most organizations. AWS and now Google Cloud are on the short list to be that outsourced provider. Both Google and AWS offer management tools to help support the transition to the cloud and ongoing management. Identity and access control is a key part of that process.

Google Cloud IAM is similar to AWS IAM. It functions as a user management system for the Google Cloud web management console. Cloud IAM controls who can access the console and what tasks they can perform. Google Cloud describes its platform in terms of projects and resources, and Google Cloud IAM centrally controls who has the ability to create and manage those projects and resources. IT admins should think of this control at the website level and not at the server or application layer. Cloud IAM is a user management system for Google Cloud.

Active Directory and Microsoft’s Identity Management

Microsoft Active Directory, on the other hand, is a Microsoft Windows-centric identity provider for on-prem systems and applications. AD has been the legacy, on-prem market share leader for almost two decades now. IT admins have leveraged Active Directory as their central point of control for Windows users and systems. AD has historically been the authoritative source of identities within an organization. Third-party solutions such as Google Cloud IAM are generally adjunct solutions to the main identity provider.

Bringing it All Together

In a sense, Google Cloud IAM is a solution that could sit on top of AD’s core identities. In practice, though, many IT admins who have shifted to the cloud are searching for a cloud identity management platform rather than the on-prem AD or OpenLDAP approach. This solution is called Directory-as-a-Service®. It is a replacement for Active Directory and a modern IDaaS (Identity-as-a-Service) solution. Directory-as-a-Service is complementary to Google Cloud IAM and enables IT admins to completely shift their identity management solutions to the cloud.

More on Google Cloud IAM vs Active Directory

If you would like to learn more about the comparison of Google Cloud IAM vs Active Directory, drop us a note. You may also give JumpCloud’s virtual identity provider a try for yourself. You will see how it complements Google Cloud IAM and gives you an alternative to Active Directory.


