Google Cloud Identity and AWS are two of the most popular computing platforms for modern organizations. Both offer numerous benefits for cloud-forward organizations, such as improving productivity and scalability while reducing capital expenditure and management overhead. Both offer a makeshift directory service and management capabilities for their respective services.
Despite their similarities, make no mistake, Google and Amazon are fierce competitors. The trouble is that organizations that leverage both Google Cloud Identity and AWS are often caught in the crossfire. With such a bitter rivalry, many IT admins can only wonder if they can connect a Google Cloud Identity with AWS.
The short answer is no, you cannot authenticate AWS servers with Google Cloud Identity natively. Fortunately, it is possible by implementing a third-party cloud directory platform as a bridge between the two. But before we explain how, it’s important to understand why it’s necessary.
Why Google doesn’t Connect to AWS
Google recently created a central identity for Google’s business customers — those that use G Suite and Google Cloud Platform. The concept was to have one Google identity that could be leveraged across the entire suite of Google Apps, including G Suite, GCP, and more.
However, Google Cloud Identity was created to manage Google services, and was not necessarily designed as a core identity to be federated across the array of IT resources that a user may need, like AWS. For instance, G Suite directory can authenticate with Google Cloud Identity to a small number of web applications via the SAML and OAuth protocols. Yet, the solution isn’t meant to be a core identity provider connecting to various systems, servers, applications, storage, and networks.
Why AWS doesn’t Connect to Google
AWS on the other hand is the most popular Infrastructure-as-a-Service platform. Similarly to Google, AWS users leverage a core AWS identity to access their management console and Amazon’s respective web services.
AWS has enjoyed massive success, with over 1mm business customers and growing fast. Yet, AWS identities are not what IT admins, DevOps engineers, or even developers use to access cloud servers or resources outside of AWS. Generally, technical personnel don’t even use a username / password to access AWS infrastructure, but rather their SSH keys. A Google Cloud Identity isn’t going to help with that.
How to Connect Google Cloud Identity with AWS
The good news is that a cloud directory platform has emerged that can act as a liaison of sorts between the two. JumpCloud® is a core identity provider that seamlessly integrates with Google’s identity management services. It works by integrating with your existing G Suite directory through JumpCloud’s G Suite Directory Sync feature.
A Google Cloud Identity can then be leveraged as the core identity within JumpCloud and federated to AWS and a wide variety of other platforms and providers like Microsoft 365 and Azure, on-prem services like OpenLDAP and Active Directory®, Samba file servers and NAS devices, heterogeneous operating systems (e.g. Windows, Mac, Linux), and WiFi networks with RADIUS authentication, and a lot more. The core Google Cloud identity can even be decorated with SSH keys and multi-factor authentication. In this sense, a Google Cloud Identity can be federated to AWS cloud servers via JumpCloud.
Learn More about How to Connect Google Cloud Identity with AWS
Want to know more? Contact a member of the JumpCloud team to learn more about how to connect Google Cloud Identity with AWS. You can also sign up for a JumpCloud Free account and start connecting Google Cloud Identities to AWS today. Your first 10 users and systems are free so you can see just how easy AWS authentication with a Google Cloud Identity can be. If you need a helping hand, access our in-app chat 24×7 within the first 10 days and our customer engineering team will support you.