Posted On: Jun 20, 2022

AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD) now provides you the flexibility to update your directory settings. This makes it easier to meet your specific security and compliance requirements across all new and existing directories. Starting today, you can update your directory settings and AWS Managed Microsoft AD applies the updated settings to all domain controllers, automatically. You accomplish this using the AWS console or automating with AWS Command Line Interface (AWS CLI) and/or API.

Now, you can update fine-grained secure channel configuration for protocols and ciphers of your directory. For example, you can enable or disable individual encryption ciphers, such as RC4, and secure channel protocols, such as TLS 1.0, based on your security and compliance requirements.

For step-by-step instructions on configuring your directory’s security settings, from the console or via API, please see the Configure directory security settings article.

This new feature is available in all AWS Regions where AWS Managed Microsoft AD is available (excluding Africa (Cape Town), Asia Pacific (Hong Kong), Europe (Milan), Middle East (Bahrain), AWS GovCloud (US), and China Regions Beijing (BJS)-Operated by Sinnet and Ningxia (ZHY)-Operated by NWCD). To learn more, see the AWS Directory Service Administration Guide.