Do ForgeRock products work with Microsoft Azure?
Microsoft Azure is Microsoft's cloud platform, which provides a range of cloud-based products and services. ForgeRock products work well with many Azure services.
Overview
Microsoft Azure provides over 200 products and cloud services to help you find the right solution to an extensive array of use cases.
This article looks at four key Azure services that ForgeRock is commonly asked about:
Azure Active Directory (Azure AD)
Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service that lets users sign in and access resources. See Azure Active Directory (Azure AD) for further information.
You can synchronize IDM managed users and Azure AD users if required, or implement SSO.
See the following resources for further information:
- Synchronize data between IDM and Azure Active Directory
- How do I configure AM (All versions) as an Identity Provider for Microsoft Office 365 and Azure using WS-Federation?
- How do I integrate Microsoft Azure AD with Autonomous Identity for SSO?
Caution
Marketplace nodes are not supported by ForgeRock; it is your responsibility to verify that the software is suitable and safe for use.
Azure Kubernetes Service (AKS)
AKS is a hosted Kubernetes service that allows you to quickly and simply deploy a managed Kubernetes cluster in Azure. See Azure Kubernetes Service for further information.
ForgeOps (ForgeRock DevOps) enables you to deploy the ForgeRock Identity Platform in a Kubernetes containerized environment, including AKS.
See the following resources for further information:
Azure Load Balancer
Azure Load Balancer is a service that evenly distributes incoming traffic to ensure high performance and low latency. See Azure Load Balancer for further information.
Azure offers three SKUs within the load balancer service (Basic, Standard and Gateway) so you can choose the most appropriate offering for your use case; see SKU comparison.
See the following resources for further information:
- Load balancing (AM)
- On load balancers (DS)
- Proxy Protocol (DS)
- IDM in a cluster
- Prepare for load balancing and failover (IG)
- Configure load balancers and reverse proxies (Web Agents)
- Configure load balancers and reverse proxies (Java Agents)
Azure Firewall
Azure offers both a Firewall and a Web Application Firewall (WAF), so you can choose whichever is most appropriate for your deployment. Both are cloud-based services and protect either your Azure Virtual Network resources or your web applications, including ForgeRock products. See Azure Firewall and Azure Web Application Firewall for further information.
When configuring a firewall or WAF, take care not to block legitimate traffic, because doing so can cause web applications to fail. For example, blocking AM traffic will cause authentication flows to fail. Additionally, if you use the managed rule sets that Azure provides for its WAF, it is important to check that nothing is broken after a managed rule is updated. Although managed rule sets provide rapid protection when new issues emerge, previously working web applications may fail after an update.
See Also
Secure Your Enterprise with ForgeRock and Microsoft
Cloud Storage (DS)