Want to experiment in Google Cloud Identity with secure LDAP? Start here!
Google Cloud LDAP is a secure LDAP service that lets organizations manage access to SaaS and traditional apps, whether on-premises or in the cloud. In the simplest technical terms, it is an LDAP-compatible API that sits on top of G Suite/Cloud Identity.
Google Cloud needs LDAP to ensure secure authentication across infrastructure.
When organizations choose to migrate from an on-premises infrastructure to the cloud or to adopt a hybrid architecture, they run into an issue: the authentication systems that modern internet services were built on are not natively compatible with the software that their organizations depend on. The result for many organizations is that they split the infrastructure into groups of apps that support traditional identity systems like Active Directory and LDAP and new ones that support OAuth, and then have to provision and manage the credentials and access permissions for multiple identities. This brings up the question: what is the definition of hybrid?
We (ex-)operators and managers of infrastructure are well accustomed to hosting services from different geographic locations and maintaining entirely different systems depending on the use case. No matter where these systems were, we'd unify them through networking, a collection of dark fiber links, or VPN tunnels over the open internet so that it felt like one complete and native infrastructure. The other half of making our infrastructure always feel like ours was a global identity. When I managed infrastructure for a university, this identity was provided by LDAP, and while managing infrastructure for Puppet, this identity was primarily our SSH key, which we distributed via Puppet.
Puppet Enterprise is infrastructure automation software born in the data center, so its console authentication system was built around the systems available there, but the value proposition of the platform equally applies to any organization in the midst of adopting the public cloud. These facts are at the core of why I find the introduction of Google Cloud Identity's Secure LDAP compelling. With it, you can deploy a Puppet Enterprise installation with a cloud-native authentication backend, so in the process of your migration you aren't creating new overhead by doing away with a global user identity and having to maintain users across multiple environments.
Once set up, Secure LDAP functions in the same way as any other external identity source in Puppet Enterprise. Native support using the PE console external directory configuration pane is not currently available, so additional local setup will need to be completed through the secure tunneling application, stunnel.
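As an added illustration (not configuration from the original post or from Puppet), an stunnel client-mode service for this kind of setup could look like the fragment below, with the settings that matter for security commented. The service name, file paths, CA bundle location and local port 1636 are assumptions; `ldap.google.com:636` is the Secure LDAP endpoint, which authenticates clients by certificate.

```ini
; Constructed example, e.g. /etc/stunnel/google-ldap.conf (path is an assumption).
; stunnel runs as a TLS client: local applications speak plain LDAP to the
; loopback listener, and stunnel wraps the session in TLS and presents the
; client certificate that Secure LDAP requires.

[google-ldap]
client = yes

; Listen on loopback only. The local leg is unencrypted, so a listener on
; 0.0.0.0 would expose bind passwords and directory data to the network.
accept = 127.0.0.1:1636
connect = ldap.google.com:636

; Certificate and key generated for this LDAP client in the Google Admin
; console (file names are placeholders). Keep the key readable only by the
; stunnel service account, e.g. mode 0600.
cert = /etc/stunnel/google-ldap-client.crt
key = /etc/stunnel/google-ldap-client.key

; Verify the server. Without these lines stunnel accepts any certificate,
; which leaves the tunnel open to interception.
verifyChain = yes
CAfile = /etc/ssl/certs/ca-certificates.crt
checkHost = ldap.google.com
```

With a tunnel like this in place, the directory client is pointed at `127.0.0.1:1636` over plain LDAP, so the host running stunnel should be the same host as the application that consumes it.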
Here's how to use LDAP for Puppet Enterprise:
This blog was originally published on November 1, 2018 and has since been updated for accuracy and relevance.
Business Development Manager, Puppet by Perforce