Posted On: Nov 10, 2022

Amazon Directory Service for Microsoft Active Directory (Amazon Managed Microsoft AD) now provides you the flexibility to update your directory settings. This makes it easier to meet your specific security and compliance requirements across all new and existing directories. Starting today, you can update your directory settings and Amazon Managed Microsoft AD applies the updated settings to all domain controllers, automatically. You accomplish this using the Amazon Web Services console or automating with Amazon Command Line Interface (Amazon CLI) and/or API.

Now, you can update fine-grained secure channel configuration for protocols and ciphers of your directory. For example, you can enable or disable individual encryption ciphers, such as RC4, and secure channel protocols, such as TLS 1.2, based on your security and compliance requirements.

For step-by-step instructions on configuring your directory’s security settings, from the console or via API, please see Configure directory security settings article.

This new feature is available in the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD. To learn more, see the Amazon Directory Service Administration Guide.