MFA for AWS Managed Microsoft AD
Here https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_getting_started_prereqs.html , in Multi-factor authentication prerequisites it is said that :
To support multi-factor authentication with your AWS Managed Microsoft AD directory, you must configure either your on-premises or cloud-based Remote Authentication Dial-In User Service (RADIUS) server in the following way so that it can accept requests from your AWS Managed Microsoft AD directory in AWS.
Does the AWS provide "cloud-based Remote Authentication Dial-In User Service (RADIUS) server" service? Or we really need to setup something our own? Cant we have the same MFA solution, as in the default for AWS SSO "Aws sso identity store"?
For Managed AD you must deploy a RADIUS server, you can do so on an EC2 instance in your environment if you'd like but it doesn't have a native solution built in.
Relevant questions
Find old Forum Thread ID for migrating our Simple AD to a new AWS Managed Microsoft AD
asked 3 months agoCan Redshift authenticate to AWS Managed AD and how?
Accepted Answerasked 2 years agoIs AWS Managed Microsoft AD billed separately from Amazon WorkSpaces?
Accepted Answerasked 2 years agoActive Directory MFA
asked 4 months agoMFA for AWS Managed Microsoft AD
Accepted Answerasked 3 months agoMFA for Simple AD directory
asked a month agoAWS SSO with Microsoft AD as IdP
asked 5 months agoHow to restrict database users for RDS Postgres using AWS Managed AD trusted with customer on-prem AD
Accepted Answerasked 2 years agoJoining an AWS Managed Microsoft AD to an existing domain
Accepted Answerasked a year agoAWS MANAGED MICROSOFT AD
asked 2 months ago