The successor to AWS Single Sign On, AWS IAM Identity Center is used to centrally manage workforce access to multiple AWS accounts and applications. It helps users to securely create or connect workforce identities and manage their access centrally across AWS accounts and applications. AWS states that IAM Identity Center is the recommended approach for workforce authentication and authorization on AWS for organizations of any size and type.
N/A
Microsoft Entra ID
Score 9.0 out of 10
N/A
Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.
IAM plays a pivotal role in our organization, addressing the unique needs of our diverse workforce, which includes full-time employees, part-timers, contractors, and client engineers who access our workloads. This multifaceted solution offers us unparalleled control over access, ensuring that each individual has precisely the permissions they need and nothing more. IAM's robust security features guarantee the protection of our valuable resources and sensitive data. As our organization expands, IAM effortlessly scales with us, adapting to changing requirements, and helping us maintain our commitment to top-tier security and efficient access management.
Definitely well suited for enterprise identity management. Just makes sense to use that tool because it's been the standard for so many years. Businesses that may not be ready for an enterprise level product might not be for them just due to cost. So there might be some more cost efficient and effective ways to perform the same tasks.
It addresses the issue of identity management very well with respect to putting in that multi authentication.
It can also support with respect to we can push these policies into another product that is not Microsoft, but it needs that SSO so we can have one account going into multi different accounts. I think that's the biggest pros and the easy use of Microsoft 365 also is one of those pros also in terms of administration.
Make it easier for users to assume roles securely, especially in cross-account settings. This might involve simplifying the process of switching roles in the management console or creating a command for AWS CLI that supports smoother role assumption.
Policy testing tools will be invaluable for administrators when they are creating policies. If this tool is able to assess the impact of enforcing a policy it will help greatly in preventing policy misconfigurations that lead to unintended consequences.
Better user interface, AWS should simplify the IAM interface to encourage new users.
Well, I'm an active ad admin, so there's a lot of features in active directory that Entra ID seems to be just adding now. We're kind of figuring out that the policies are different than Entra ID that they were in active directory and we're finding other products to do that, like Azure policy. Some things I'm used to seeing in identity products or like active directory aren't in Entra iID, but are doing good job of managing stuff that it does so far.
MSFT Entra ID has been essential for managing our geographically dispersed team. We're confident that it will scale with us as grow, and we'll be able to take advantage of additional security and ID management features as they become necessary. Being able to centrally manage our user access from anywhere with a small support team is such a relief.
It gets easier with time, initially, it can be overwhelming for a fresher. Once you're used to working with roles and policies and know when and where it is required eventually it becomes easy
Very easily usable. It could be easier to use. Implementation was kind of tricky. We do run a hybrid environment, so we're syncing a local active directory instance with Entra ID, so that could be a little tricky. But outside of that, if you're not running a hybrid deployment or a version of Entra ID usually, it's pretty straightforward.
I have not needed to engage support for anything at this time. I have been able to find the answers either online or in a knowledgebase. I tried to skip the question but it would not let me, so I rated a 9 based on other interactions with Microsoft support I have had
Make sure you use a good partner. Our implementation was a bit longer and more problematic than we expected. Our partner got it done, but, in my opinion, some of their inexperience and staffing issues were evident.
AWS Identity and Access Management (IAM) excels over Google Cloud IAM with its granular control, extensive service integration, and robust security features. AWS IAM provides fine-tuned access policies, versatile role delegation, and a wide array of services. Its adaptability and extensive toolset make it the preferred choice for businesses of all sizes.
For us, it was a natural evolution of our use of active directory. As we went from on-premises to the cloud, this was an easy extension of our authentication infrastructure. We looked at other products from Oracle, so Oracle ID, Oracle Identity Management. We looked at pink credit for single sign-on. It was just everything was built into Entra ID. Both internal use cases and external ones.
Microsoft Professional Services' technical knowledge is appreciable as consultants design the solution as per customer requirements. Mapping of features per user specifications and assisting Customer IT engineers to implement so they can manage and administer the services.
AWS IAM Identity Center has significantly bolstered our security posture by ensuring that only authorized personnel access our resources. This enhanced security has protected us from potential data breaches or unauthorized use of resources, mitigating risks and potential costs associated with security incidents.
While IAM brings long-term cost savings, there might be initial implementation and training costs. It's important to factor these costs into the ROI equation.
If your organization isn't used to such fine-grained access control, there might be resistance to adopting IAM. Overcoming this resistance might require additional training costs.
I think it's had positive. It's enabled us to make authentication easier and more streamlined across the organization from frontline workers to back office workers.
It's allowed us to really adopt authentication policies and methods that suit that user and their work environment.
