AWS Managed Microsoft AD is now available on Windows functional level 2016
Starting today, all AWS Directory Service for Microsoft AD (AWS Managed Microsoft AD) directories run on Windows functional level 2016. The upgrade to Windows functional level 2016 has been applied automatically to all existing AWS Managed Microsoft AD directories. The functional level upgrade includes enhanced authentication mechanisms and improved security for privileged access management, helping you better protect your Active Directory infrastructure in the cloud.
This upgrade provides LAPS (Local Administrator Password Solution), which helps you manage local administrator passwords on domain-joined computers by automatically generating unique, complex passwords, and storing them securely in Active Directory.
This is enabled in all AWS Regions where AWS Managed Microsoft AD is available, except in the Middle East (UAE) and Middle East (Bahrain) Regions. To learn more, see the AWS Directory Service Administration Guide.