Hello Team,
From your query I understand you wish to know if there's a way to use Azure AD users and groups with your AWS MAD under a single identity.
You can create a 'Trust' from your Azure AD with your AWS managed AD. You just need to ensure that connectivity in the backend is in place.
AWS Managed Microsoft AD supports all three trust relationship directions: Incoming, Outgoing and Two-way (Bi-directional). You can choose them as per your use case.
However, the trust relationship between Azure AD and AWS Managed AD needs to be checked after initiating a trust relationship from the Azure AD side only, as a trust relationship is always initiated from the on-premises side and gets completed on the AWS side. I did not find any such use case in our repository, and I also can't test this setup on my end due to limitations on setting up Azure AD environments like yours.
The following are the prerequisites to set up the domain trust between AWS Managed AD and MS Azure:
- Azure Active Directory Domain Services (Azure AD DS), using a self-managed AD DS domain which supports AD domain / forest trusts [1]
- VPN connectivity between AWS VPC and Azure [2]
- Inbound and outbound rules in security groups allowing traffic between the two networks
I would also like to clarify that Azure AD lies outside the scope of AWS Support and I'm providing these details on a best-effort basis only. Links which are not provided by AWS are considered third-party information only. Hope you understand. We highly value your cooperation and support.
Thanks again for reaching out to us! Looking forward to hearing from you.
Have an AWSome day ahead!
References:
[1] https://docs.microsoft.com/en-us/azure/active-directory-domain-services/compare-identity-solutions
[2] https://blogs.technet.microsoft.com/canitpro/2016/01/11/step-by-step-connect-your-aws-and-azure-environments-with-a-vpn-tunnel/
[3] Creating a trust relationship: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_setup_trust.html
[4] Tutorial: Create a trust relationship between your AWS Managed Microsoft AD and your self-managed Active Directory domain: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_tutorial_setup_trust.html
- https://aws.amazon.com/blogs/database/integrate-amazon-rds-for-sql-server-db-instances-with-an-existing-active-directory-domain/
- Video Tutorial: https://www.youtube.com/watch?v=SIBCi76wspQ&ab_channel=AmazonWebServices