Interact from a cloud to AWS Directory

Question

I have a cloud service for managing company's users, now I have an attempt to manage AWS Directory, exploring AWS APIs I find some, but not for managing, for that I'm using domain controller to getting LDAP users and after deleting, the solution is working fine if you put in the same network. Now, my cloud service it's not in the internal network, and I have a problem with the connection, I'm searching for connecting externally as a trusted machine to my AWS Directory, without a VPN or using an AWS service, in AWS documentation I find some definitions as trusted network, but no any precision solution and my questions stand to: Is it possible to connect to AWS Directory externally as a trusted network by IP and port for managing it? If yes, how? Thank you!

Answer

AWS Managed AD is not a publicly accessible service. It is never a good idea to make Active Directory publicly routable as you are opening the directory up to attack. With that said. you could put a load balancer in front of the ENIs for the service and make the LB accessible. This is an unsupported AWS configuration and not recommend Microsoft either. (https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/support-for-active-directory-over-nat)

Interact from a cloud to AWS Directory

相關內容