Amazon Web Services (AWS) provides a complete set of services and tools for deploying Microsoft Windows-based workloads on its reliable cloud infrastructure. Two core Windows services form the foundation of many Microsoft-based solutions, such as Microsoft SharePoint, Microsoft Exchange, and .NET applications: Active Directory Domain Services (AD DS) and Domain Name Server (DNS).
N2WS implements the AWS Active Directory services. Organizations that run workloads in AWS need secure, low-latency connectivity to AD DS and DNS services. IT infrastructure staff need a comprehensive understanding of how to design and deploy a solution that either launches AD DS in the AWS Cloud or extends an on-premises AD DS into the AWS Cloud. The infrastructure configuration must be considered carefully when planning and deploying AD DS, domain controller instances, and DNS services in the AWS Cloud.
AWS Directory Service provides several ways to set up and run Amazon Cloud Directory, Microsoft AD, Amazon Cognito, and others. Amazon Cloud Directory provides a scalable directory store for an application's multi-hierarchical data. Amazon Cognito lets you create a directory store that authenticates users through federated identity providers or through your own user pools.
AWS Directory Service for Microsoft Active Directory lets directory-aware workloads and AWS resources use a well-managed Active Directory in the AWS Cloud.
There are several directory options to choose from:
1. Amazon Cloud Directory organizes application data into multiple hierarchies to support the various organizational pivots and relationships across the information in the directory.
2. AD Connector uses your existing on-premises Microsoft Active Directory to access AWS applications and services.
3. Amazon Cognito user directory is used to add sign-up and sign-in to a mobile app or web application through Amazon Cognito User Pools.
4. Simple AD is a simple Active Directory hosted in the AWS Cloud that is compatible with Microsoft Active Directory. It is powered by Samba 4.
5. Microsoft AD is a Microsoft Active Directory hosted in the AWS Cloud. It combines most of the features of an Active Directory with the AWS applications.
AWS Active Directory has security features such as fine-grained password policy management and LDAP encryption through Secure Sockets Layer (SSL)/Transport Layer Security (TLS). Monitoring, daily snapshots, and recovery are provided by AWS as part of the service.
AWS Active Directory is the best option when you need Active Directory features to support AWS applications or Windows workloads, including Amazon Relational Database Service for Microsoft SQL Server. You can also opt for it if you need a standalone AD in the AWS Cloud that supports Office 365, or if you need an LDAP directory that supports Linux applications.