Posted On: Aug 31, 2023

Starting today, AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD) and AD Connector are integrating with AWS Private Certificate Authority (AWS Private CA) to issue certificates for domain-joined objects that use Active Directory (AD) auto-enrollment. You can use a fully managed AWS Private CA drop-in replacement for your self-managed enterprise CAs without the need to deploy, patch, or update local agents or proxy servers. This also enables you to accelerate the migration of AD-aware workloads to AWS. 

You can set up AWS Private CA integration with your directory in just a few clicks by setting up AWS Private CA Connector programmatically or using APIs. AWS Private CA issues and manages certificates for your directory objects including users, groups, and machines with your AWS Managed Microsoft AD directly or your self-managed AD using AD Connector. To learn more about the use cases and for step-by-step instructions, please see Set up AWS Private CA Connector for AD - AWS Managed Microsoft AD and Set up AWS Private CA Connector for AD - AD Connector.

This new feature is available in all AWS Regions where AWS Directory Service and AWS Private CA are available except Israel (Tel Aviv) and the AWS GovCloud (US) Regions.