Active Directory Service in AWS

With AWS Directory Service you can easily manage users and groups, provide single sign-on to applications and services, create and apply group policy, join Amazon EC2 instances to a domain. AWS Directory Service enables your end-users to use their existing corporate credentials when accessing AWS applications, like Amazon WorkSpaces, Amazon WorkDocs and Amazon WorkMail, as well as directory-aware Microsoft workloads, including custom .NET and SQL Server-based applications.

How does AWS Active Directory Service work?

AWS Managed Microsoft AD is available in two editions: Standard and Enterprise.

Standard Edition: AWS Managed Microsoft AD (Standard Edition) is designed for small and midsize businesses with up to 5,000 employees. It provides you with enough storage capacity to support up to 30,000* directory objects, such as users, groups, and computers.
Enterprise Edition: AWS Managed Microsoft AD (Enterprise Edition) is designed to support enterprise organizations with up to 500,000* directory objects.

How to Create a directory?

You can use the AWS Management Console or the API to create a directory. You need to provide a fully qualified domain name (FQDN) for your directory, Administrator account name and password, and the VPC you want the directory to be attached to.

Features

• High availability
• AWS-managed infrastructure
• Multi-region replication
• Trust support
• Group-based policies
• Single sign-on (SSO)
• Seamless domain join
• Daily snapshots

Use Cases

• Sign In to AWS Applications and Services with AD Credentials.
• Manage Amazon EC2 Instances.
• Provide Directory Services to Your AD-Aware Workloads.
• SSO to Office 365 and Other Cloud Applications.
• Extend Your On-Premises AD to the AWS Cloud.
• Share Your Directory to Seamlessly Join Amazon EC2 Instances to a Domain Across AWS Accounts.
• For more information on the AWS Active Directory service pricing please visit this AWS service page.