IAM DevOps

Traditionally, Identity and access management systems haven’t been built using modern software development methodologies like proper versioning or automated testing. Many legacy IAM products have been very monolithic and constrained in the way that they are configured, deployed and maintained. In many cases IAM software has been running on platforms that are maintained by third party service providers making any environmental changes hard, time-consuming and error-prone. Production configuration updates have been done manually without proper versioning or systematic release process.

Haidion thinks that modern DevOps practices should be applied to IAM also. The goal should be to maximize the level of automation at all steps of IAM system implementation from development to production. The ideal is to have an automated pipeline that builds the IAM software component when checked into a version control system, verifies the software through a series of tests and finally deploys the software into an environment. IAM DevOps helps us to shorten the IAM development life cycle and provide continuous delivery with high software quality.

Some of the tools that are needed to move towards our DevOps goal are: Infrastructure as code, Continuous integration / Continuous Deployment, Test automation, Containerization and Orchestration. 

Our DevOps Best Practices will produce:

  • Analysis of current development tools, environments and methodology

  • List of recommended DevOps practices to go further including e.g.

    • Configuration management and versioning guidelines

    • IAM automation improvement guidance

    • IAM release process improvement tips

    • A plan to manage IAM infrastructure as code

We can produce a set of DevOps Best Practices for the following products:

  • ForgeRock

  • Oracle

On the following platforms:

  • AWS

  • Linux

  • Docker