In our second post in a multi-part series on federating Microsoft Active Directory or LDAP to AWS servers, we discuss what user management on AWS is, and why people use it.
Provisioning servers on AWS is fast, easy, and cost effective. No longer do you have to procure hardware, rack and stack the server, install operating system software, and then configure it. With just the click of a button from your AWS console, a standard server can be up and running in seconds, and better yet, one with your own server image with all of your software and configurations.
Unfortunately, one of the most critical tasks of setting up a server is creating user accounts. That is a painful, manual multi-step process. It includes manual configuration of users, public/private keys for SSH, key management and distribution to users, and the constant modification of the system to ensure security, proper updates, and network admin changes. Collectively, the process of managing user accounts on AWS is painfully long, writhe with human error, and inefficient for corporate operations.
One server is easy. One hundred servers is complex. One thousand servers is next to impossible.
The irony is that user management is one of the most critical items that an IT organization can manage. But they rarely have an identity management strategy. History has shown that the single biggest risk of a compromise is through the hijacking of personal credentials. This spans across accounts that have been compromised through phishing and username/password combinations stolen from another site to remnant accounts that should have been terminated long ago, or just plain brute force attacks. All of these tactics (and plenty more) are used by hackers and cyber criminals to gain access to your AWS infrastructure.
Learn More About Managing Users On AWS Servers
The challenge that DevOps and IT admins face around identity and access management is two-fold: operational efficiency and security. Unfortunately, managing access and permissions to AWS servers has been neither simple nor straightforward. This multi-part blog series will examine a number of opportunities around managing users on your AWS servers, and how JumpCloud’s Directory-as-a-Service® (DaaS) solution changes the game for IT pros. JumpCloud® makes federating your Active Directory or LDAP users to your AWS environment quick, simple, and secure. Learn more about JumpCloud today.