aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
  • Multi-Cloud
  • Platforms

VMware Scales Multi-Cloud Security With Workforce Identity Federation

  • aster.cloud
  • September 18, 2023
  • 3 minute read

Working in multi-cloud environments gives organizations more flexibility to build and optimize applications. However, operating in multiple environments can also introduce new complexities and risks. VMware provides a wide range of solutions to help address them, and as a multi-cloud organization ourselves, we see some of our customers’ challenges firsthand.

Maintaining compliance across all of our projects and teams as we continue to scale requires consistent monitoring. We have dozens of different departments and thousands of projects across multiple environments, each with distinct service level objectives and security requirements. For a long time, we had to manage permissions manually for different environments. We knew there had to be a way to more effectively manage provisioning and security at scale.


Partner with aster.cloud
for your next big idea.
Let us know here.



From our partners:

CITI.IO :: Business. Institutions. Society. Global Political Economy.
CYBERPOGO.COM :: For the Arts, Sciences, and Technology.
DADAHACKS.COM :: Parenting For The Rest Of Us.
ZEDISTA.COM :: Entertainment. Sports. Culture. Escape.
TAKUMAKU.COM :: For The Hearth And Home.
ASTER.CLOUD :: From The Cloud And Beyond.
LIWAIWAI.COM :: Intelligence, Inside and Outside.
GLOBALCLOUDPLATFORMS.COM :: For The World's Computing Needs.
FIREGULAMAN.COM :: For The Fire In The Belly Of The Coder.
ASTERCASTER.COM :: Supra Astra. Beyond The Stars.
BARTDAY.COM :: Prosperity For Everyone.

Opening the door for secure development with Google Cloud’s Workforce Identity Federation

We were already using Google Cloud, and specifically Cloud Run, to build and deploy apps, and we wanted to build a management solution that would complement it and provide us with a single pane of glass to monitor our entire security infrastructure. Our team developed a service we call CloudGate, built with Workforce Identity Federation. This gives us enterprise-level access control and governance management across all of our cloud environments in one place. Now, our security operation center can see exactly what’s going on with individual accounts at a glance.

We can manage permissions for individuals connected to specific groups, accounts, or projects through CloudGate in combination with our identity provider. When a user attempts to interact with a cloud project, rather than trying to grant specific access permissions, we can use workforce pools from Workforce Identity Federation to give a user an ephemeral session.

Read More  Google Cloud Next 2019 | How to Make Enterprise Search More Effective with Google Cloud Search

This means we can set the exact access level and limit that access to a set period of time. With finer control and clearer visibility, we can track specific steps that users have taken as they interact with cloud resources. Since we track the same user identity inside VMware all the way through our cloud environment, we can audit our security posture more easily and frequently to locate potential risks as they arise anywhere in our environment. By simplifying the audit and monitoring processes, we can be even more diligent about guarding against potential threats, such as access credentials leaks from provisioned employee accounts.

Centralizing security management to improve collaboration

The federated access model ensures that we don’t need to worry about managing account-level security and compliance for each of our cloud environments. Our security and compliance teams are able to use CloudGate to carefully manage and monitor compliance at our business unit level, so our service teams can focus on improving our product and developing new features for our customers.

That growth is easy to see by looking at how fast we’ve been able to roll out new projects with CloudGate. Since launch, we’ve onboarded users for nearly 7,000 projects, and are adding 200 more per month. Generic access controls with Workforce identity pools give our technical leadership confidence that the compliance and security facets of public cloud access are well controlled, so we can get started on new work faster.

Federating access has also made cross-departmental collaboration easier. For example, our finance team may want visibility into how and where capital is being allocated for a specific project. We can use CloudGate to grant specific permissions to that team (or individual user) with only the level of detail they need to see without granting access to the same resources that the development team is using.

Read More  Deploy Google Cloud In A Few Clicks With RAD Lab UI

Continuing the climb into the cloud

Part of the drive behind adopting Workforce Identity Federation and building CloudGate is that VMware continues to grow in the hyperscaler marketplace. We’re expanding our software-as-a-service footprint with new products, and that growth has only been made possible through our enhanced security and compliance postures. We’re excited to align ourselves with Google Cloud and share these security enhancements with our own customers when we make CloudGate available for them.

By: Thiru Bhat (Director, VMware)
Originally published at: Google Cloud Blog

Source: cyberpogo.com


For enquiries, product placements, sponsorships, and collaborations, connect with us at [email protected]. We'd love to hear from you!

Our humans need coffee too! Your support is highly appreciated, thank you!

aster.cloud

Related Topics
  • CloudGate
  • Google Cloud
  • Identity Federation
  • Multi-Cloud
  • Security
  • VMware
You May Also Like
View Post
  • Computing
  • Multi-Cloud
  • Technology

Reliance on US tech providers is making IT leaders skittish

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

Examine the 4 types of edge computing, with examples

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

AI and private cloud: 2 lessons from Dell Tech World 2025

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

TD Synnex named as UK distributor for Cohesity

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

Broadcom’s ‘harsh’ VMware contracts are costing customers up to 1,500% more

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

Weigh these 6 enterprise advantages of storage as a service

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

Pulsant targets partner diversity with new IaaS solution

  • May 23, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

Growing AI workloads are causing hybrid cloud headaches

  • May 23, 2025

Stay Connected!
LATEST
  • 1
    Just make it scale: An Aurora DSQL story
    • May 29, 2025
  • 2
    Reliance on US tech providers is making IT leaders skittish
    • May 28, 2025
  • Examine the 4 types of edge computing, with examples
    • May 28, 2025
  • AI and private cloud: 2 lessons from Dell Tech World 2025
    • May 28, 2025
  • 5
    TD Synnex named as UK distributor for Cohesity
    • May 28, 2025
  • Weigh these 6 enterprise advantages of storage as a service
    • May 28, 2025
  • 7
    Broadcom’s ‘harsh’ VMware contracts are costing customers up to 1,500% more
    • May 28, 2025
  • 8
    Pulsant targets partner diversity with new IaaS solution
    • May 23, 2025
  • 9
    Growing AI workloads are causing hybrid cloud headaches
    • May 23, 2025
  • Gemma 3n 10
    Announcing Gemma 3n preview: powerful, efficient, mobile-first AI
    • May 22, 2025
about
Hello World!

We are aster.cloud. We’re created by programmers for programmers.

Our site aims to provide guides, programming tips, reviews, and interesting materials for tech people and those who want to learn in general.

We would like to hear from you.

If you have any feedback, enquiries, or sponsorship request, kindly reach out to us at:

[email protected]
Most Popular
  • Understand how Windows Server 2025 PAYG licensing works
    • May 20, 2025
  • By the numbers: How upskilling fills the IT skills gap
    • May 21, 2025
  • 3
    Cloud adoption isn’t all it’s cut out to be as enterprises report growing dissatisfaction
    • May 15, 2025
  • 4
    Hybrid cloud is complicated – Red Hat’s new AI assistant wants to solve that
    • May 20, 2025
  • 5
    Google is getting serious on cloud sovereignty
    • May 22, 2025
  • /
  • Technology
  • Tools
  • About
  • Contact Us

Input your search keywords and press Enter.