AWS Directory Service Features
Overview
AWS Directory Service provides a seamless path for organizations to migrate their Active Directory-dependent workloads to the cloud. By delivering a fully managed, native Windows Server-based Active Directory, the service empowers IT teams to leverage their existing AD skills and applications, while benefiting from enhanced security, reliability, and scalability. Businesses can easily integrate their AD environment with cloud-hosted services like Amazon RDS, FSx, and EC2, enabling a consistent AD management experience across environments.
The service's robust security features, including end-to-end encryption and compliance with industry standards, safeguard sensitive data. Furthermore, with multi-region deployments and autonomous management, AWS Directory Service ensures your critical directory services remain highly available, even in the face of disruptions. Whether you're an IT decision-maker, architect, or CIO, AWS Directory Service streamlines your cloud transformation journey, allowing you to modernize your AD infrastructure and empower your workforce through secure, scalable identity management.
Availability, scalability, and resilience
Multiple Availability Zones
Scale out with additional domain controllers
Managed AD infrastructure
Daily snapshots
Global workload management
Multi-region replication
Native Windows 2019 AD features
Seamless domain join
Group-based policies
Schema extension
Group Managed Service Accounts
Trust support
Single sign-on
Security and compliance
Directory security settings
Server-side LDAPS
Client-side LDAPS
AWS Private CA Connector for Active Directory (AD)
FedRAMP, HIPAA, PCI Eligible, and more
Monitoring, logging, and observability
Directory status monitoring
Domain controller metrics
Monitor logs in Amazon CloudWatch and more
AD Dependent Workloads Migration and AWS application integration
Unified directory experience across on-premises and cloud-based Active Directory deployments
AWS Managed Microsoft AD (Hybrid Edition) enables you to extend your existing AD domain into AWS, creating a unified directory experience across your AD environments. This solution enables smooth integration between your on-premises and cloud resources, ensuring consistent identity management throughout your infrastructure.
For organizations seeking a dedicated cloud directory service, our Standard and Enterprise editions create a new AD domain in AWS with the ability to establish secure trust relationships with your existing AD infrastructure. This provides you with the flexibility to maintain separate directory services while ensuring seamless interaction between environments. AD Connector, by contrast, offers a proxy service that connects AWS services to your existing AD without storing directory data in the cloud. This is a lightweight, cost-effective solution that helps you leverage your existing AD investments while taking advantage of AWS services.