What is AWS Directory Service?
AWS Directory Service offers multiple identity management solutions for Amazon Web Services (AWS) such as AWS Microsoft AD, AWS AD Connector, and Simple AD to suit different use cases. Each offering solves a different part of the problem for IT admins and DevOps engineers in managing user access to AWS resources.
The primary purpose of the AWS Directory Service solutions is to connect user identities to AWS resources. However, most organizations prefer the AWS Directory Service solutions that are built from Microsoft Active Directory® (AD) to complement their existing on-prem AD instances and extend on-prem AD identities to AWS resources. This is especially true for larger organizations with more mature IT infrastructures.
Summary of AWS Directory Service
While Amazon Cognito can manage mobile devices, and Simple AD and AWS Cloud Directory can manage siloed AWS resources, one could argue the main use case for AWS Directory Service is to allow IT administrators and DevOps engineers to extend Active Directory identities to AWS resources. Many organizations already use AD as their core directory service, so it made sense for AWS to integrate easily with AD.
Integrating AWS with AD is possible with either AWS Microsoft AD or the AWS AD Connector, both of which require an existing AD instance to operate. The primary benefit of implementing AWS Directory Service is that organizations can now extend AD identities and management capabilities to AWS resources.
Without the AWS Directory Service, both AD and AWS would be siloed to their respective resources and would have to be managed separately. Yet, with so many options, which solution for connecting users to AWS resources is right for your organization?
Pros and Cons of AWS Directory Service
AWS Microsoft AD
AWS Microsoft AD is effectively a traditional Active Directory instance hosted in the cloud. The difference is that AWS takes some of the heavy lifting out of setting up an AD server and AD domain controllers and configuring them with the ability to integrate with AWS resources. With this approach, IT admins can (Read more...)