What is AWS Directory Service?


AWS Directory Service offers multiple identity management solutions for Amazon Web Services (AWS) such as AWS Microsoft AD, AWS AD Connector, and Simple AD to suit different use cases. Each offering solves a different part of the problem for IT admins and DevOps engineers in managing user access to AWS resources.

The primary purpose of the AWS Directory Service solutions is to connect user identities to AWS resources. However, most organizations prefer the AWS Directory Service solutions that are built from Microsoft Active Directory® (AD) to complement their existing on-prem AD instances and extend on-prem AD identities to AWS resources. This is especially true for larger organizations with more mature IT infrastructures.

Summary of AWS Directory Service


While Amazon Cognito can manage mobile devices, and Simple AD and AWS Cloud Directory can manage siloed AWS resources, one could argue the main use case for AWS Directory Service is to allow IT administrators and DevOps engineers to extend Active Directory identities to AWS resources. This is because there are a lot of organizations that already use AD as their core directory service. So it made sense for AWS to have the ability to easily integrate with AD.

Integrating AWS with AD is possible with either AWS Microsoft AD or the AWS AD Connector, both of which require an existing AD instance to operate. The primary benefit of implementing AWS Directory Service is that organizations can now extend AD identities and management capabilities to AWS resources.

Without the AWS Directory Service, both AD and AWS would be siloed to their respective resources and would have to be managed separately. Yet, with so many options, which solution for connecting users to AWS resources is right for your organization?

Pros and Cons of AWS Directory Service


AWS Microsoft AD


AWS Microsoft AD is effectively a traditional Active Directory instance hosted in the cloud. The difference is that AWS takes some of the heavy lifting out of setting up an AD server and AD domain controllers, and configuring them with the ability to integrate with AWS resources. With this approach, IT admins can (Read more...)

*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/aws-directory-service/

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.
