AWS Directory Service

The AWS Directory Service is an Amazon Web Services tool that allows enables an IT administrator to run Microsoft Active Directory (AD) in the public cloud, easing setup of user and group data and giving an end user access to AWS cloud services.

The AWS Directory Service enables an IT team to connect an existing on-premises AD to the cloud or to create a new directory. The service simplifies deployment of Linux- and Windows-based cloud workloads by handling management tasks, such as monitoring domain controllers and deploying redundant infrastructure across multiple availability zones.

An administrator uses AWS Directory Service to reduce time spent on management tasks. He can manage user and group policies in the cloud, configure single sign-on to applications and services, or domain-join Elastic Compute Cloud instances. An admin also can import existing corporate credentials to simplify security and access controls through AWS Identity and Access Management roles.

The AWS Directory Service has three directory options: Microsoft AD, Simple AD and AD Connector. Simple AD, an open source offering from Samba, includes basic features of Microsoft AD but excludes more advanced features. A user can migrate data from Simple AD to Microsoft AD, but cannot migrate an on-premises Microsoft AD to the cloud. AD Connector is a directory gateway that proxies requests to an on-premises Microsoft AD.

AWS Directory Service also integrates with AWS CloudTrail for logging capabilities and with Amazon Simple Notification Service to enable status notifications.

This was last updated in August 2016

Continue Reading About AWS Directory Service

Dig Deeper on AWS infrastructure