User management and authentication with the cloud native systems may sound relatively simple, but there are a few key questions to consider:
- How to integrate cloud native, tool specific user management and authentication systems with primary identity management solutions (e.g. AD, Azure AD)
- How to manage and provide access to external partners
- How to set the permissions correctly
- How to manage user onboarding and off-boarding
Answers to these questions are usually specific to the cloud service or tool and require deep, domain-specific knowledge.
Azure AD based solutions
Many cloud native tool platforms enable integration with Azure AD as the primary identity management solution. This allows the corporate ID admins to control access to the cloud system directly from Azure AD.
The integrations may be direct (as with Azure DevOps or AWS CodePipeline), or they may require the purchase of additional licensed software (as with Atlassian Cloud), with certain limitations.
Services with direct Azure AD integration support Single Sign-On (SSO) and guest accounts, e.g. for subcontractors, as long as those users have an Azure AD based identity. With other tools, guest users must have an identity tied to a specific domain (e.g. an email address), which makes onboarding somewhat more time consuming.
Permission management requires careful planning and expertise. Cross-team collaboration should be encouraged, without exposing unnecessary information to users who are not part of a specific activity.
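The onboarding and off-boarding questions raised above, for the Azure AD guest-account case, as an added example (not code from the original article): it invites an external partner as a B2B guest with the Microsoft Graph PowerShell SDK, then reviews guests that have not signed in for a configurable period and disables them. It assumes the Microsoft.Graph module is installed and the caller holds the listed Graph permissions; the partner address, redirect URL and inactivity threshold are placeholders.

```powershell
# Added example, not part of the original article. Assumptions: the Microsoft.Graph
# PowerShell module is installed, and the signed-in account holds the User.Invite.All,
# User.ReadWrite.All and AuditLog.Read.All permissions. All e-mail addresses, URLs and
# day thresholds below are placeholders.

# Request only the scopes the two tasks below need (invite, read/disable users, read sign-in activity).
Connect-MgGraph -Scopes "User.Invite.All","User.ReadWrite.All","AuditLog.Read.All"

function Invoke-GuestOnboarding {
    param(
        [Parameter(Mandatory)] [string] $PartnerEmail,   # placeholder: subcontractor's address
        [Parameter(Mandatory)] [string] $RedirectUrl     # placeholder: sign-in URL of the tool
    )
    # Sends a B2B invitation; the guest keeps signing in with their home-tenant identity.
    # Deliberately no group or role is granted here: project access is assigned separately
    # and scoped to the one activity the partner works on (least privilege).
    $invite = New-MgInvitation -InvitedUserEmailAddress $PartnerEmail `
                               -InviteRedirectUrl $RedirectUrl `
                               -SendInvitationMessage:$true
    return $invite.InvitedUser.Id
}

function Get-StaleGuests {
    param([int] $InactiveDays = 90)   # placeholder threshold; pick per policy
    $cutoff = (Get-Date).AddDays(-$InactiveDays)
    # Filtering on userType is an advanced query, hence ConsistencyLevel/CountVariable.
    # Guests with no sign-in activity at all are returned too: an unused invitation is
    # still an enabled account that somebody could accept later.
    Get-MgUser -Filter "userType eq 'Guest'" -All `
               -ConsistencyLevel eventual -CountVariable guestCount `
               -Property "Id","UserPrincipalName","AccountEnabled","SignInActivity" |
        Where-Object {
            $_.AccountEnabled -and
            ( -not $_.SignInActivity.LastSignInDateTime -or
              $_.SignInActivity.LastSignInDateTime -lt $cutoff )
        }
}

function Disable-StaleGuests {
    param([int] $InactiveDays = 90, [switch] $DryRun)
    foreach ($g in Get-StaleGuests -InactiveDays $InactiveDays) {
        if ($DryRun) { Write-Host "Would disable $($g.UserPrincipalName)"; continue }
        # Disable rather than delete: sign-in stops immediately, the audit trail stays,
        # and the account can be re-enabled if the partner comes back.
        Update-MgUser -UserId $g.Id -AccountEnabled:$false
        Write-Host "Disabled $($g.UserPrincipalName)"
    }
}

# Usage with placeholder values:
# Invoke-GuestOnboarding -PartnerEmail "contractor@partner.example" -RedirectUrl "https://dev.azure.com/example-org"
# Disable-StaleGuests -InactiveDays 90 -DryRun
```

Run the off-boarding step with -DryRun first and review the list; the review is what catches guests whose engagement ended without anyone filing a removal request, which is the usual gap between the tool's own user list and the corporate identity directory.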
For more information on the Azure AD based SSO integrations, please refer to