Posted On: Aug 29, 2023

AWS Private Certificate Authority (AWS Private CA) launches the Connector for Active Directory (AD). The Connector for AD allows you to use AWS Private CA as a drop-in replacement for your self-managed enterprise certificate authorities without the need to deploy, patch, or update local agents or proxy servers. Enterprises that use AD to manage Windows environments can reduce their private certificate authority (CA) costs and complexity. You can help meet your security and compliance goals by using AWS Private CA, a fully-managed service, which stores CA private keys in FIPS 140 validated hardware security modules (HSMs).

With the Connector for AD, you can issue certificates to identify your domain-joined objects like users, computers, and smart cards that use AD auto-enrollment. You can use the Connector for AD with AWS Managed Microsoft AD to eliminate on-premises infrastructure by migrating your AD and public key infrastructure to the cloud. For customers looking to use AWS Private CA with their on-premises AD, this feature also integrates with AWS Directory Service AD Connector

The Connector for AD is available in all AWS Regions where AWS Private CA is available, except Israel (Tel Aviv) and the AWS GovCloud (US) Regions. This feature is offered at no additional charge; you only pay for the AWS Private CAs and the certificates issued from them. To get started, see the Getting started guide.