{"id":43539,"date":"2019-12-23T09:00:00","date_gmt":"2019-12-23T16:00:00","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=43539"},"modified":"2024-12-19T17:15:23","modified_gmt":"2024-12-19T22:15:23","slug":"sync-active-directory-with-aws","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws","title":{"rendered":"Sync Active Directory with AWS"},"content":{"rendered":"\n<p>AWS<sup>\u00ae<\/sup> has gained popularity as <a href=\"https:\/\/solutionsreview.com\/cloud-platforms\/the-best-infrastructure-as-a-service-iaas-providers-in-2019\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">one of the best Infrastructure-as-a-Service (IaaS) providers<\/a> in the world, allowing many companies to replace their on-prem data centers. Oftentimes, though, Microsoft<sup>\u00ae<\/sup> Active Directory<sup>\u00ae<\/sup> (AD) remains the preferred tool for identity and access management.<\/p>\n\n\n\n<p>Many organizations are looking for ways to extend their AD identities to AWS as a result. Connecting AD to cloud resources is a constant headache, however. Fortunately, there\u2019s a more efficient way to do so.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-rooted-in-active-directory\">Rooted in Active Directory<\/h2>\n\n\n\n<p>When on-prem infrastructures and Windows<sup>\u00ae<\/sup> computers were standard, Active Directory was the best tool for identity and access management (IAM). It consolidated users\u2019 identities into one set of credentials so that no matter what on-prem Windows applications they used, they could access it with one login.<\/p>\n\n\n\n<p>This was a blessing for IT admins because it meant they didn\u2019t need to manage multiple identities for one user anymore. Soon, AD became the core resource for managing Windows users and access permissions. However, that blissful time came to an end as \u201cthe cloud\u201d accumulated. Organizations started to realize they could benefit from cloud infrastructure and applications more than on-prem resources, in many instances.<\/p>\n\n\n\n<p>This is where the headaches began. While organizations shifted their infrastructures to the cloud, they continued to rely on AD for IAM. However, AD only managed user access to on-prem Windows applications via on-prem Windows devices (as it still does today). Other tools were needed to connect AD to cloud-hosted services.<\/p>\n\n\n\n<p>Previously, data centers were connected via VPN to the on-prem AD instance to access their servers, but the preference for cloud providers (like AWS) to replace internal data centers led to a challenge for how to connect AD to these now public cloud servers. As such, alternative solutions were called for.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-aws-directory-service-for-active-directory\">AWS Directory Service for Active Directory<\/h2>\n\n\n\n<p>Today, admins may use <a href=\"https:\/\/aws.amazon.com\/directoryservice\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">AWS Directory Service<\/a> to sync on-prem Active Directory identities with AWS. The good news is that AWS handles the cloud Active Directory maintenance, but the bad news is that you still need to put in all of the plumbing to connect on-prem AD with the AWS managed AD service. Further, you\u2019ll need to manage all of the users as you normally do without the benefit of automation.<\/p>\n\n\n\n<p>For organizations that have a <a href=\"https:\/\/jumpcloud.com\/blog\/cross-platform-system-management\/\">mixed-platform IT environment<\/a>, you will still struggle to manage non-Windows systems (e.g. Linux) using AWS Directory Service. Other drawbacks of AWS Directory Service are that it doesn\u2019t include automation features, multi-factor authentication (MFA), or end user password and SSH key management.<\/p>\n\n\n\n<p>Essentially, AWS Directory Service will extend AD to Windows-based AWS infrastructure, but you\u2019ll struggle with other IT resources (e.g. Linux, technical applications, web apps for DevOps, etc.). You will need additional tools \u2014 sometimes referred to as add-ons \u2014 to connect to any other cloud resources your organization uses, as well as to enforce cybersecurity procedures. This can quickly get expensive, as most add-ons have their own monthly costs and implementation challenges.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-cloud-identity-bridge\">Cloud Identity Bridge<\/h2>\n\n\n\n<p>A different, more elegant approach to extending Active Directory to the AWS infrastructure is through a <a href=\"https:\/\/jumpcloud.com\/blog\/active-directory-bridge\">cloud identity bridge<\/a>.<\/p>\n\n\n\n<p>A cloud identity bridge integrates AD identities with systems, protocols, and applications, both on- and off-prem. Rather than set up users and groups separately, this method syncs AD identities with AWS \u2014 and any other cloud services you may use \u2014 automatically. You can manage both Mac<sup>\u00ae<\/sup> and Linux<sup>\u00ae<\/sup> devices, too. Linux-based applications hosted at AWS are also an ideal candidate to be integrated through the on-board LDAP server.<\/p>\n\n\n\n<p>Plus, because it\u2019s a cloud-hosted service, this method requires no additional on-prem servers to upkeep. You\u2019re also paying less for more because it consolidates the functions of many add-ons into one, maximizing your productivity while getting the most out of your investments. And, you only pay for what you need through the per user pricing model.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-learn-more\">Learn More<\/h2>\n\n\n\n<p>To find out more about how you can <a href=\"https:\/\/jumpcloud.com\/product\/active-directory-integration\/\">integrate Active Directory<\/a> identities to AWS and other web services, <a href=\"https:\/\/jumpcloud.com\/guided-simulations\/\">schedule a demo<\/a> or <a href=\"https:\/\/www.youtube.com\/watch?v=AGFCCiydTJY\">watch one of our video tutorials.<\/a>&nbsp;<br><\/p>\n","protected":false},"excerpt":{"rendered":"<p>AWS\u00ae has gained popularity as one of the best Infrastructure-as-a-Service (IaaS) providers in the world, allowing many companies to replace [&hellip;]<\/p>\n","protected":false},"author":92,"featured_media":43540,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[2781,2337],"tags":[],"collection":[2777],"platform":[],"funnel_stage":[3015],"coauthors":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Sync Active Directory with AWS - JumpCloud<\/title>\n<meta name=\"description\" content=\"As more organizations use AWS, many IT admins are looking for ways to sync their Microsoft Active Directory identities to it.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Sync Active Directory with AWS\" \/>\n<meta property=\"og:description\" content=\"As more organizations use AWS, many IT admins are looking for ways to sync their Microsoft Active Directory identities to it.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:published_time\" content=\"2019-12-23T16:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-19T22:15:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/12\/bridge-ad-aws.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"780\" \/>\n\t<meta property=\"og:image:height\" content=\"439\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Megan Anderson\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Megan Anderson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#article\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws\"},\"author\":{\"name\":\"Megan Anderson\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/7d2acfcb7b5720fb45432d3c88dfb677\"},\"headline\":\"Sync Active Directory with AWS\",\"datePublished\":\"2019-12-23T16:00:00+00:00\",\"dateModified\":\"2024-12-19T22:15:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws\"},\"wordCount\":674,\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/12\/bridge-ad-aws.jpeg\",\"articleSection\":[\"How-To\",\"Remote Work\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws\",\"url\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws\",\"name\":\"Sync Active Directory with AWS - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/12\/bridge-ad-aws.jpeg\",\"datePublished\":\"2019-12-23T16:00:00+00:00\",\"dateModified\":\"2024-12-19T22:15:23+00:00\",\"description\":\"As more organizations use AWS, many IT admins are looking for ways to sync their Microsoft Active Directory identities to it.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/12\/bridge-ad-aws.jpeg\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/12\/bridge-ad-aws.jpeg\",\"width\":780,\"height\":439},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Sync Active Directory with AWS\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/7d2acfcb7b5720fb45432d3c88dfb677\",\"name\":\"Megan Anderson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/1137c152b014919b03c19ac2c8377ede\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d1793fee47c43b6992aa8aa580f8b843?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d1793fee47c43b6992aa8aa580f8b843?s=96&d=mm&r=g\",\"caption\":\"Megan Anderson\"},\"description\":\"Megan is a content writer at JumpCloud with a B.A. in English from MSU Denver. Colorado-born and raised, she enjoys hiking, skiing, and all manner of dogs.\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Sync Active Directory with AWS - JumpCloud","description":"As more organizations use AWS, many IT admins are looking for ways to sync their Microsoft Active Directory identities to it.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws","og_locale":"en_US","og_type":"article","og_title":"Sync Active Directory with AWS","og_description":"As more organizations use AWS, many IT admins are looking for ways to sync their Microsoft Active Directory identities to it.","og_url":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws","og_site_name":"JumpCloud","article_published_time":"2019-12-23T16:00:00+00:00","article_modified_time":"2024-12-19T22:15:23+00:00","og_image":[{"width":780,"height":439,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/12\/bridge-ad-aws.jpeg","type":"image\/jpeg"}],"author":"Megan Anderson","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Megan Anderson","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#article","isPartOf":{"@id":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws"},"author":{"name":"Megan Anderson","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/7d2acfcb7b5720fb45432d3c88dfb677"},"headline":"Sync Active Directory with AWS","datePublished":"2019-12-23T16:00:00+00:00","dateModified":"2024-12-19T22:15:23+00:00","mainEntityOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws"},"wordCount":674,"publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/12\/bridge-ad-aws.jpeg","articleSection":["How-To","Remote Work"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws","url":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws","name":"Sync Active Directory with AWS - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/12\/bridge-ad-aws.jpeg","datePublished":"2019-12-23T16:00:00+00:00","dateModified":"2024-12-19T22:15:23+00:00","description":"As more organizations use AWS, many IT admins are looking for ways to sync their Microsoft Active Directory identities to it.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/12\/bridge-ad-aws.jpeg","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/12\/bridge-ad-aws.jpeg","width":780,"height":439},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/blog\/sync-active-directory-with-aws#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Sync Active Directory with AWS"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/7d2acfcb7b5720fb45432d3c88dfb677","name":"Megan Anderson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/1137c152b014919b03c19ac2c8377ede","url":"https:\/\/secure.gravatar.com\/avatar\/d1793fee47c43b6992aa8aa580f8b843?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d1793fee47c43b6992aa8aa580f8b843?s=96&d=mm&r=g","caption":"Megan Anderson"},"description":"Megan is a content writer at JumpCloud with a B.A. in English from MSU Denver. Colorado-born and raised, she enjoys hiking, skiing, and all manner of dogs."}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/43539"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/92"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=43539"}],"version-history":[{"count":3,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/43539\/revisions"}],"predecessor-version":[{"id":118747,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/43539\/revisions\/118747"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/43540"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=43539"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=43539"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=43539"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=43539"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=43539"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=43539"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=43539"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}