The AWS Directory Service provides several ways to use the Microsoft Active Directory (AD) with other AWS utilities. Information regarding users, groups, & devices can be stored in directories, & the administrators use them to retrieve the information & resources. AWS Directory Service offers many directory alternatives for clients who wish to utilize the current Microsoft AD or Lightweight Directory Access Protocol (LDAP)–aware applications in the cloud. There is also a provision of the same alternatives to developers who seek a directory to manage users, groups, devices, & access.
What to select?
I want Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) for applications in my cloud: Choose AWS Directory Service for Microsoft Active Directory
I develop SaaS applications: The developers of upscale SaaS applications can use Amazon Cognito.
AWS Directory Service for Microsoft AD
Also known by the name AWS managed Microsoft AD, the AWS Directory Service for Microsoft AD is backed by a verified Microsoft Windows Server AD, overseen by AWS in the AWS Cloud. AWS managed AD permits a wide range of AD–aware applications to be migrated to the AWS Cloud.
The AWS Managed Microsoft AD can be used with Microsoft SharePoint, Microsoft SQL Server, & several .NET applications. It is also compatible with AWS managed services such as Amazon WorkDocs, Amazon WorkSpaces, Amazon Connect, Amazon QuickSight, Amazon Chime, & Amazon Relational Database Service for Microsoft SQL Server (Amazon RDS for SQL Server, Amazon RDS for Oracle, & Amazon RDS for PostgreSQL).
AWS Managed Microsoft AD is present in 2 editions: Standard & Enterprise.
Standard Edition: AWS Managed Microsoft AD (Standard Edition) has been optimized to be a central directory for small-scale & midsize businesses with as many as 5,000 employees. Enough storage capacity is allotted to support up to 30,000 directory objects, like computers, users & groups.
Enterprise Edition: AWS Managed Microsoft AD (Enterprise Edition) has been created to back firms with up to 500,000* directory objects.
Security in AWS Directory Service
Cloud security at AWS is of the utmost priority. As a customer of AWS, you can avail several benefits from a data center & network architecture that has been modeled to match the needs of organizations, for whom top-notch security of their data is a priority.
You and the AWS have to share the charge of security. This is described under the shared responsibility model as ‘the security of the cloud & security in the cloud’:
Security of the cloud – AWS is in-charge of handling & protecting the fundamentals that run AWS services in the AWS Cloud. AWS also gives you services that are absolutely safe. Third-party auditors are regulated to continuously evaluate the level of our security as a part of the AWS compliance program.
Security in the cloud – The AWS service you use is your responsibility. The sensitivity of your data, your company’s needs, & applicable laws & regulations are also in your own hands.
Infrastructure Security in AWS Directory Service
Since it is a managed service, the AWS Directory Service is protected by the AWS global network security protocols.
Identity & Access Management for AWS Directory Service
Credentials are required to get access to the AWS Directory Service, which the AWS can use to authenticate your requests. Those credentials should have a valid permission to gain access to the AWS resources, like an AWS Directory Service directory.
Contact us to know more!