Posted On: Mar 3, 2020

Amazon Aurora with PostgreSQL compatibility now supports external authentication of database users using Kerberos and Microsoft Active Directory.

Aurora PostgreSQL support for Kerberos and Microsoft Active Directory provides the benefits of single sign-on and centralized authentication of Aurora PostgreSQL Database users. Keeping all of your user credentials in the same Active Directory will save you time and effort as you will now have a centralized place for storing and managing them for multiple DB instances.

With this feature, in addition to password-based and IAM based authentication methods, you can now authenticate using AWS Managed Microsoft AD Service. You can enable your database users to authenticate against Aurora PostgreSQL using the credentials stored in the AWS Directory Service for Microsoft Active Directory. You can use the same Active Directory for different VPCs within the same AWS region. You can also join Aurora PostgreSQL instances to shared Active Directory domains owned by different accounts.

Active Directory integration is supported with Aurora PostgreSQL versions 10.11 and newer, and 11.6 and newer.

Amazon Aurora combines the performance and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases. It provides up to five times better performance than the typical MySQL database and three times the performance of the typical PostgreSQL database, together with increased scalability, durability, and security. For more information, please visit the Amazon Aurora product page.