Active Directory Domain Services on AWS

Active Directory on GCP   Active Directory on OCI   Active Directory on Azure   Office365 Backup   Netsuite Backup

For all new AD DS installations, Quick Start deploys AD DS and AD-integrated DNS, and it sets up Active Directory sites and subnets.

The Quick Start supports three scenarios:

  • Scenario 1: Deploy a new AWS Cloud-based AD DS environment that you manage yourself
  • Scenario 2: Extend your existing on-premises AD DS to AWS
  • Scenario 3: Deploy Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD)

For each scenario, you have the option to create a new virtual private cloud (VPC) or use your existing VPC infrastructure.

Scenario 1: Deploy a new AWS Cloud-based AD DS Environment

In this scenario, Quick Start sets up the following:

  • A VPC configured with public and private subnets in two Availability Zones for high availability. *
  • In the public subnets:
    Managed network address translation (NAT) gateways to allow outbound internet access for resources in the private subnets. *
    Remote Desktop Gateway (RD Gateway) instances in an Auto Scaling group to help secure remote access to instances in private subnets. *
  • In the private subnets:
    A Windows Server Forest and domain functional level, including security groups and rules for traffic between instances.
  • AWS Systems Manager Automation documents to set up and configure AD DS and AD-integrated DNS.
  • AWS Secrets Manager to store passwords.
image

Scenario 2: Extend your on-premises AD

In this scenario-except for the virtual private network (VPN) gateway, VPN connection, and customer gateway, which you create manually-the Quick Start sets up the following:

  • A VPC configured with public and private subnets in two Availability Zones for high availability. *
  • In the public subnets:
    Managed NAT gateways to allow outbound internet access for resources in the private subnets. *
    RD Gateway instances in an Auto Scaling group to help secure remote access to instances in private subnets. *
  • In the private subnets:
    Windows Server Forest and domain functional level, including security groups and rules for traffic between instances.
  • AWS Systems Manager Automation documents to set up and configure AD DS and AD-integrated DNS.
  • AWS Secrets Manager to store passwords.
image

Scenario 3: Deploy AWS Managed Microsoft AD

In this scenario, the Quick Start sets up the following:

  • A VPC configured with public and private subnets in two Availability Zones for high availability. *
  • In the public subnets:
    Managed NAT gateways to allow outbound internet access for resources in the private subnets. *
    RD Gateway instances in an Auto Scaling group to help secure remote access to instances in private subnets. *
  • In the private subnets:
    (Optional) A Windows EC2 instance to act as a management instance, including security groups and rules for traffic between instances.
  • AWS Systems Manager Automation documents to set up and configure AD DS and AD-integrated DNS.
  • AWS Secrets Manager to store passwords.
  • AWS Directory Service to provide and manage AD DS in the private subnets.
image
Google meet iconteams iconDemo iconVast Edge contact us icon
Copyrights © 24 May 2024 All Rights Reserved by Vast Edge Inc.