You're reading from Multi-Cloud Architecture and Governance Leverage Azure, AWS, GCP, and VMware vSphere to build effective multi-cloud solutions

Product type Paperback

Published in Dec 2020

Publisher Packt

ISBN-13 9781800203198

Length 412 pages

Edition 1st Edition

Tools

AWS

Concepts

Cloud Computing

Authors (2):

Jeroen Mulder

View More author details

Table of Contents (28) Chapters

Preface

1. Section 1 – Introduction to Architecture and Governance for Multi-Cloud Environments

2. Chapter 1: Introduction to Multi-Cloud FREE CHAPTER

3. Chapter 2: Business Acceleration Using a Multi-Cloud Strategy

4. Chapter 3: Getting Connected – Designing Connectivity

5. Chapter 4: Service Designs for Multi-Cloud

6. Chapter 5: Managing the Enterprise Cloud Architecture

7. Section 2 – Getting the Basics Right with BaseOps

8. Chapter 6: Designing, Implementing, and Managing the Landing Zone

9. Chapter 7: Designing Resilience and Performance

10. Chapter 8: Defining Automation Tools and Processes

11. Chapter 9: Defining and Using Monitoring and Management Tools

12. Section 3 – Cost Control in Multi-Cloud with FinOps

13. Chapter 10: Managing Licenses

14. Chapter 11: Defining Principles for Resource Provisioning and Consumption

15. Chapter 12: Defining Naming Conventions and Tagging

16. Chapter 13: Validating and Managing Bills

17. Section 4 – Security Control in Multi-Cloud with SecOps

18. Chapter 14: Defining Security Policies

19. Chapter 15: Implementing Identity and Access Management

20. Chapter 16: Defining Security Policies for Data

21. Chapter 17: Implementing and Integrating Security Monitoring

22. Section 5 – Structured Development on Multi-Cloud Environments with DevOps

23. Chapter 18: Designing and Implementing CI/CD Pipelines

24. Chapter 19: Introducing AIOps in Multi-Cloud

25. Chapter 20: Introducing Site Reliability Engineering in Multi-Cloud

26. Assessments

27. Other Books You May Enjoy

Leave a review - let other readers know what you think

Using a central identity store with Active Directory

Before we get into Active Directory (AD) itself, it's important to understand that it should definitively not be confused with Azure Active Directory. The latter is an authentication service in Azure, whereas Active Directory really is a directory.

Understanding AD is not easy, but basic knowledge is necessary when talking about IAM. An enterprise should only have one central directory. Identities should only be kept in one place. That also comes with a risk: if the directory gets breached, an attacker will have access to all identities that exist within the enterprise. It's crucial that the directory and the IAM system is very secure and that directory data is extremely well protected. This is an area where tools such as Saviynt and CyberArk come in: they add an extra security layer on top of IAM.

Both Saviynt and CyberArk offer solutions that are deployed on top of IAM, providing vaults and a way to secure access...