Setting up initial infrastructure

Question

I am setting in basic infra for a new startup. We use G-Suite of products for email, Github enterprise for code, slack for team communication and openVPN for office. We also have accounts in AWS, Azure and GCP.Ideally, we should be having a single system that manages user identity, authentication and authorization. I should be able to create a user in a single place and they get access to all of these in the right way and when they leave, lock out access from a single place.I am wondering what do you folks use to create and manage the initial setup so that it is done right.

Jugurtha · Accepted Answer

>We also have accounts in AWS, Azure and GCP.Do you mind sharing why you have accounts on all three? We do something similar because our product, https://iko.ai, enables people to train, track, package, deploy, and monitor machine learning models, run real-time collaborative notebooks and long-running background notebooks on their own Kubernetes clusters and their own data buckets; therefore we have to support GCP's GKE, Azure's AKS, AWS' EKS, DigitalOcean Kubernetes, etc.I wonder if you're doing "something something multi-cloud/cloud agnostic" as well. If not, why have all three as opposed to leverage just one cloud.

znpy · Answer

The main system should be the active directory instance (or equivalent) in your office. Something you trust and that nobody will ever take away frkm you.
Then most systems can be set up to federate with external systems. Aws for example can allow identity federation via saml iirc, azure probably has something active-directory-native.
Dunno for gsuite or other systems... but there probably is.

sunsetMurk · Answer

Rippling [1] is pretty sweet if it has the integrations you need.1- https://www.rippling.com/

akajla · Answer

Employee management/HR systems like Rippling or Gusto should be able to handle basic SSO/software access and hook into employee onboarding and offboarding.

mavelikara · Answer

We use G-Suite as the IdP.