u/Imane3002

Hi everyone,

I’m trying to understand how access control (authentication and authorization) is handled in multi-cloud environments like AWS, Azure, and GCP.

From what I’ve found so far, most solutions seem to focus mainly on authentication (SSO, identity providers, etc.), especially for user access to cloud services.

But I haven’t really found much information about authorization and how permissions are managed across multiple clouds, or how service-to-service access works, for example, if a service running in AWS needs to access data in GCP.

I did come across identity federation, but it looks like it mostly solves authentication rather than authorization.

So I’m wondering how this is usually handled in practice. Do companies use any solutions that centralize access control across clouds, or is everything managed separately inside each cloud’s IAM? How do they keep permissions and policies consistent across different providers?

If anyone has seen real-world setups, tools, or architectures for this, I’d really appreciate examples.

Thanks!

reddit.com
u/Imane3002 — 1 month ago