managing-cloud-identity-with-okta
Installation
SKILL.md
Managing Cloud Identity with Okta
When to Use
- When centralizing authentication across AWS, Azure, and GCP console access through a single identity provider
- When implementing phishing-resistant MFA to replace SMS or TOTP-based authentication
- When automating user provisioning and deprovisioning across cloud platforms and SaaS applications
- When enforcing adaptive access policies based on device compliance, user risk, and network context
- When auditing identity-related security controls for SOC 2 or zero trust compliance
Do not use for cloud-native identity management without external IdP requirements (use AWS IAM Identity Center or Azure AD natively), for application-level authorization logic, or for secrets management (see implementing-secrets-management-with-vault).
Prerequisites
- Okta organization with admin console access and appropriate license tier (Workforce Identity)
- AWS, Azure, and GCP accounts configured for SAML or OIDC federation
- Okta Universal Directory populated with user identities synced from HR system or Active Directory
- Device management platform (Intune, Jamf) for device trust integration