AWS Directory Service

Managed Microsoft Active Directory in the AWS Cloud

AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, enables you to use a highly available managed Microsoft Active Directory in the AWS Cloud. AWS Managed Microsoft AD helps you use Windows workloads in the AWS Cloud with actual Microsoft Active Directory (AD). You have the flexibility to keep your identities in your existing Microsoft AD or create and manage identities in your AWS managed directory. With AWS Managed Microsoft AD, your migrated AD-aware applications can use Windows integrated authentication. Users can also use their Microsoft AD credentials to sign in to AWS applications and services. AWS Managed Microsoft AD is available in standard and enterprise editions to scale to your size and performance requirements.


Easily migrate directory-aware, on-premises workloads

AWS Managed Microsoft AD makes it easy to migrate Active Directory–dependent, on-premises applications and workloads to the AWS Cloud. With AWS Managed Microsoft AD, you can seamlessly run infrastructure across your own data center and AWS without synchronizing or replicating data from your existing Active Directory to the AWS Cloud.

Use actual Microsoft Active Directory

Take advantage of actual Microsoft Active Directory to manage your users, groups, and devices. Use familiar Active Directory administration tools and Active Directory features, such as Group Policy objects (GPOs), domain trusts, fine-grain password policies, and Kerberos-based single sign-on. You can also delegate administrative tasks and authorize access using Active Directory security groups.

Share a single directory for cloud workloads

Share a single directory for all your Active Directory-aware Amazon EC2 instances and Amazon RDS for SQL Server instances. Using AWS Managed Microsoft AD helps avoid the complexity of replicating and synchronizing data across multiple directories.

Easily extend existing domains

Easily extend your existing Active Directory to the AWS Cloud by using AWS Managed Microsoft AD as a resource domain. With AWS Managed Microsoft AD, you can extend your existing Group Policies to your cloud resources, and let users log in with their existing enterprise credentials.

Centrally manage application access and devices in the AWS Cloud

Join your computers, laptops, and printers to a managed Active Directory domain. AWS Managed Microsoft AD provides you the option to administer your on-premises users, groups, applications, and systems without the complexity of running and maintaining an on-premises, highly available Active Directory.

Simplify administration with a managed service

AWS Managed Microsoft AD is built on highly available, AWS-managed infrastructure. Each directory is deployed across multiple Availability Zones, and monitoring automatically detects and replaces domain controllers that fail. In addition, data replication and automated daily snapshots are configured for you. You do not have to install software, and AWS handles all patching and software updates.

Intended Usage and Restrictions

Your use of this service is subject to the AWS Customer Agreement.