Posted On: Nov 19, 2020

AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, now supports automated, multi-region replication of your directory. Now you can deploy and use a single AWS Managed Microsoft AD (Enterprise Edition) directory across multiple AWS Regions. This makes it easier and more cost-effective for you to deploy and manage your Microsoft Windows and Linux workloads globally. With the automated multi-region replication capability you get higher resiliency, while your applications use a local directory for optimal performance. 

When you enable this feature and add new Regions to your directory, AWS Managed Microsoft AD automatically configures inter-region networking connectivity, deploys domain controllers, and replicates all your directory data, including users, groups, Group Policy Objects (GPOs), and schema, across your selected regions. In addition, AWS Managed Microsoft AD configures a new AD site per region which improves user authentication and domain controller replication performance within the region while also lowering costs by minimizing data transfers between regions.

AWS Managed Microsoft AD is built on highly available, AWS-managed infrastructure. In addition, data replication and automated daily snapshots are configured for you. You do not have to install software, and AWS handles all patching and software updates. With AWS Managed Microsoft AD, you can seamlessly join your Amazon EC2 for Windows, Amazon EC2 for Linux , Amazon RDS for SQL Server, and Amazon FSx for Windows File Server instances to your directory. By integrating with Amazon Simple Notification Service (SNS) and Amazon CloudWatch, AWS Managed Microsoft AD allows you to monitor the directory’s health and security logs globally.

Multi-region replication is available for use with existing and new AWS Managed Microsoft AD (Enterprise Edition) directories in the US East (North Virginia), US East (Ohio), US West (Northern California), US West (Oregon), GovCloud (US-East), GovCloud (US-West), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Paris), Europe (Stockholm), and South America (Sao Paulo) Regions. You pay by the hour for the domain controllers in each region, plus the cross-region data transfer. To learn more, see the AWS Directory Service Administration Guide.