Understanding Amazon Managed Microsoft AD (Hybrid Edition)
Amazon Managed Microsoft AD (Hybrid Edition) allows you to extend your existing Active Directory to the Amazon Web Services Cloud with Amazon Managed Microsoft AD. This feature makes it easier to move your AD-dependent workloads to Amazon, adopt Amazon services, and increase your Active Directory redundancy. Amazon will periodically run directory assessments on your hybrid directory, which you can view in the Amazon Directory Service console.
A hybrid directory in Amazon Directory Service connects your existing Microsoft Active Directory with Amazon Directory Service for Microsoft Active Directory (Amazon Managed Microsoft AD). This creates an integrated identity environment that spans on-premises, Amazon, and multi-cloud infrastructure, allowing you to maintain a single source of identity while extending your directory services to Amazon.
A hybrid directory configuration provides several important capabilities:
- Extension of self-managed AD to the Amazon Web Services Cloud without needing to establish a trust relationship
- Seamless authentication and authorization across environments using existing Active Directory credentials
- Consistent user credentials and group memberships across both your AD environments
- Centralized management of AD access policies and permissions