How do I create a trust relationship between AWS Managed Microsoft AD and my existing on-premises AD domain?
Last updated: 2019-06-26
I want to create a trust relationship between my on-premises domain and my AWS Directory Service for Microsoft Active Directory. How can I do this?
A trust relationship is a link between two different domains, whereby one domain (trusting domain) trusts another (trusted domain). In a one-way trust scenario, the user accounts from the trusted domain are allowed to access resources in the trusting domain.
AWS Directory Service for Microsoft Active Directory supports external and forest trust relationships with your existing on-premises domain in all three trust relationship directions:
- One-way Incoming
- One-way Outgoing
- Two-way (Bi-directional)
To create a trust relationship between your AWS Managed Microsoft AD and your on-premises domain, follow these steps:
Important: You must create the trust on the on-premises domain first. Then, create the trust on your AWS Managed Microsoft AD.
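The ordering above as a script, run from an on-premises domain controller: an added example, not code from this article or from AWS. It assumes a forest trust, an installed and configured AWS CLI, and placeholder values for the directory ID, domain names, and DNS address.

```powershell
# Added example. Every value in this block is a placeholder (assumption), not from the article.
$AwsDirectoryId  = 'd-EXAMPLE0000'     # AWS Managed Microsoft AD directory ID
$AwsDomain       = 'aws.example.com'   # AWS Managed Microsoft AD domain name
$OnPremDomain    = 'corp.example.com'  # on-premises forest root domain
$OnPremDnsIps    = @('10.0.0.10')      # on-premises DNS server(s) that resolve $OnPremDomain
$OnPremDirection = 'Outbound'          # Inbound | Outbound | Bidirectional, from the on-premises side

# Each side states the direction from its own point of view, so the AWS value is the complement.
$awsDirection = switch ($OnPremDirection) {
    'Inbound'       { 'One-Way: Outgoing' }
    'Outbound'      { 'One-Way: Incoming' }
    'Bidirectional' { 'Two-Way' }
    default         { throw "Unknown trust direction: $OnPremDirection" }
}

# One random trust password shared by both sides; it is never echoed to the console.
$bytes = New-Object byte[] 32
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($bytes)
$trustPassword = [Convert]::ToBase64String($bytes)

# Step 1: create the trust on the on-premises domain first.
Add-Type -AssemblyName System.DirectoryServices
$forest    = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
$direction = [System.DirectoryServices.ActiveDirectory.TrustDirection]$OnPremDirection
$forest.CreateLocalSideOfTrustRelationship($AwsDomain, $direction, $trustPassword)

# Step 2: create the trust on AWS Managed Microsoft AD. The request goes through a
# temporary JSON file so the password does not appear in the process command line.
$request = @{
    DirectoryId                 = $AwsDirectoryId
    RemoteDomainName            = $OnPremDomain
    TrustPassword               = $trustPassword
    TrustDirection              = $awsDirection
    TrustType                   = 'Forest'
    ConditionalForwarderIpAddrs = $OnPremDnsIps
}
$tmp = New-TemporaryFile
try {
    $request | ConvertTo-Json | Set-Content -Path $tmp.FullName -Encoding ASCII
    $trustId = aws ds create-trust --cli-input-json "file://$($tmp.FullName)" --query TrustId --output text
} finally {
    Remove-Item $tmp.FullName -Force   # remove the file that held the password
    $trustPassword = $null
}

# Step 3: read back the trust state; it should move from Creating to Verified.
aws ds describe-trusts --directory-id $AwsDirectoryId --trust-ids $trustId --query 'Trusts[0].[TrustState,TrustStateReason]' --output text
```

A state of `VerifyFailed` usually points to mismatched directions, a mismatched password, or DNS resolution between the two domains.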