Improve the Security Between AWS Applications and Your Self-Managed Active Directory with Secure LDAP using AWS Managed Microsoft AD

Posted on: Nov 26, 2019

AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, can now encrypt Lightweight Directory Access Protocol (LDAP) communications between AWS applications, such as Amazon WorkSpaces and Amazon Chime, and your self-managed AD. Enabling AWS Managed Microsoft AD as your Secure LDAP (LDAPS) client lets you better protect your organization’s identity data and meet your security requirements.

To enable client-side LDAPS, you import your certificate authority (CA) certificate into AWS Managed Microsoft AD, then enable LDAPS on your directory. Once LDAPS is enabled, all LDAP traffic between AWS applications and your self-managed AD flows over a channel encrypted with Secure Sockets Layer (SSL).

LDAPS support is available today in all regions where AWS Managed Microsoft AD is offered. To learn more, see how to Enable Secure LDAP (LDAPS).