Who Cares? Access Management for Any Cloud!
December 17, 2014 | DevOps | Kevin O'Brien
Last week, Bloomberg ran a story about a major software development shop that has a truly hybrid cloud environment: a mix of Azure and AWS. The article is great (and worth a read), but it can be summarized simply: nobody picks just one provider any more.
Quoting from the piece, the client of the two cloud providers notes that he chose to hybridize across both platforms in response to last month’s Azure outage. His decision — a defensive play that makes it comparatively easy to switch back to AWS if Azure fails — “underscores the challenges Microsoft faces as it tries to wrest market share from industry leader and crosstown competitor Amazon.”
From the perspective of a neutral platform provider that works with both providers — as well as to Rackspace, VMWare, and a wide variety of bare metal providers — what the Bloomberg article describes is a case for abstracting access management away from the underlying platform. Imagine the effort involved in switching from one provider to another; as part of the process, how will you handle access management? User permissions? Service-to-service auth, so that your Jenkins server can still operate without having to rewrite your entire IAM stack?
One of the major benefits of the Conjur approach is that it decouples identity and access management from any particular cloud vendor. In doing so, our customers can get to a comfortably neutral place: who cares who wins the cloud platform argument? Access management will work regardless — users and services will be able to make Conjur calls no matter what the architecture is that underpins their actual work. Audit and compliance can see events and logs without interruption, even as the hardware and software environments shift.
It’s a classic write-once, use-anywhere scenario: Conjur is access management for any cloud, bringing elasticity to IAM and backing it up with strong zero-trust networking principles and a DevOps-friendly toolchain. And once it’s in place, who cares who your cloud provider is?