The newest entry in Amazon Web Service’s ever-growing product portfolio is DiraaS, Directory-as-a-Service.
AWS announced their latest service offering, AWS Directory Service, positioned as both an alternative to and integration with Microsoft’s industry leading Active Directory. Active Directory, and open standard alternative LDAP, allow computers to join domains, authenticate users, group users, connect to printers and other network services. Centralized directory services greatly reduce the amount of administrative work to manage an organizations users and their access to necessary services. DiraaS takes this vital corporate function and pushes it to the cloud.
There are two different options for this service:
AD Connector enables companies to connect their Active Directory with AWS so that users can use their existing corporate credentials to authenticate with AWS applications. All communication between the AD Connector and the on-premise Active Directory are via AWS Direct Connect or secure VPN with an Amazon VPC. AD Connector creates a proxy service in the cloud that enables AWS service authentication without the need to provision a federated or synced Active Directory at AWS.
For companies with no pre-existing directory services, Simple AD is a fully functional, Samba-based directory service that supports “most” of the common Active Directory features. Simple AD will enable IT organizations to manage AWS services and Windows servers on EC2.
Microsoft offers a similar solution, Azure Active Directory, to perform directory services for consumers of their Azure cloud. Azure Active Directory integrates tightly with on-prem Active Directory and also offers Single Sign-On to a number of cloud services (Salesforce.com, Office 365, Box, Concur and others). While AWS offers Identity Management as well, it is through a separate service.
“Cloud infrastructure’s cost and productivity gains are widely known to IT teams and we’ve all witnessed their rapid adoption and growth,” said Greg Keller, Chief Product Officer at JumpCloud, a Colorado-based Directory-as-a-Service provider. “The dark secret is that it is awfully complex to integrate with on-prem infrastructure, especially in the area of provisioning user access in efficient, repeatable and secure ways. Amazon’s announcement and efforts behind their AWS Directory Service validates this for their VPC user base and further, validates the push by companies like JumpCloud to perform these critical functions and more broad directory services across a wide array of cloud, co-located an on-prem infrastructure.”
An established provider in the DiraaS space, JumpCloud, offers a vendor-neutral approach that provides cloud-based directory services for most IaaS, SaaS, and premise-based services.
Welcome DiraaS to the ever-evolving cloudsape.