Implementing Identity and Access Management
The core principle of identity and access management in the cloud is that everyone and everything in it is an identity. In this chapter, we will learn how we can manage identities and control their behavior by granting them specific roles, allowing them to perform only those activities that are related to the primary job of an administrator. We will see that Role-Based Access Control (RBAC) is very important to keep our cloud environments secure. We will learn about authenticating and authorizing identities, how to deal with least privileged accounts, what eligible accounts are, and why a central depository is needed. We will learn how we can federate with Active Directory from the various public clouds.
After this chapter, you will have a good understanding of technologies such as federation, single sign-on, multi-factor authentication, privileged access management, and Identity as a Service (IDaaS).