Google Compute Engine: How to Manage Access

Written by Greg Keller on July 8, 2015

Share This Article

You’ve setup Google Compute Engine and have a number of servers spun up.

Great. Now how do you manage access to them?

Active Directory fails with Google Compute Engine

If you have Microsoft Active Directory® internally, Google’s infrastructure is out of reach. Single sign-on solutions can get users into the Google Compute Engine console, but not into the actual servers themselves.

You can decide to write code with configuration management solutions, but that sounds like a lot of work and overhead. You could decide to build LDAP or AD in the cloud, but then you would have two directories!

Isn’t there just a simple way that my users can single sign-on to Google Compute Engine servers?

Introducing DaaS

DaaS can connect users to Google Compute Engine

JumpCloud’s Directory-as-a-Service® (DaaS) solves the problem of managing users on servers at Google Compute Engine (and a whole lot more).

Built for companies that are aggressively leveraging cloud services – think startups and small-to-medium sized enterprises – JumpCloud is connecting your users to the IT resources that they need. Whether on-premises (i.e. their desktops, laptops, wireless access, etc.) or in the cloud (Compute Engine, SaaS application, etc.), DaaS can do it all – without you having to do all the work.

Doesn’t that sound nice? DaaS is new, but gaining recognition in the industry fast. It certainly resonated at the 2015 InterOp awards, where JumpCloud’s Directory-as-a-Service won in both the applications category and the grand prize across all categories (see complete list of winners)

DaaS in Action

Cloud Infrastructure (e.g. Google Compute Engine)

As you know, as soon as you start leveraging cloud infrastructure and different platforms, your existing directory (if you have one) breaks down. All an admin really wants is to maintain central control. With DaaS, it’s not just possible; it’s easy.

Let’s say you want central control over access to all of the servers at Compute Engine. If you have Active Directory on-premises, through JumpCloud, you can extend control to Compute Engine servers.

Constantly synced with AD, JumpCloud then controls access to Linux or Windows servers (plus multi-factor authentication to Linux machines). An add or delete in AD propagates through to Google Compute Engine nearly instantly.

No Directory, No Problem

cloud directory security

If you don’t have any directory services, JumpCloud becomes your SaaS-based central access control point. In addition to controlling Compute Engine servers, JumpCloud can control and manage your on-premise devices, internal IT applications, wireless access, and more.

What’s more, as a developer, you can leverage JumpCloud’s RESTful APIs to give your application instant directory services. You don’t need to build directory services into your application or build code to integrate with LDAP or AD. You can simply add the API calls to create users, delete users, or manage them in groups all while leveraging the JumpCloud SaaS-based backend infrastructure.

Robust Control, Minimal Effort

JumpCloud wraps full self service capabilities into its solution with an end user portal that allows for password resets, uploading of keys, and multi-factor authentication setup. As an admin or developer, you get out of the middle of managing user credentials.

Further, you offload the heavy lifting of building and maintaining directory services. Remember directory services is a 100% uptime activity! Your users get single sign-on access to their Google Compute Engine servers. JumpCloud is tightly integrated with Google Compute Engine and is a wonderful extension to leverage.

Get Directory-as-a-Service

Learn more about DaaS and Google Compute Engine

JumpCloud’s DaaS service is available for free for 10 users, and then for a per user per month charge.

Give JumpCloud’s cloud-based directory a try today! Or, if you have any questions, drop us a note.

Continue Learning with our Newsletter