SID202: Deep Dive on How Capital One Automates the Delivery of Directory Services across AWS Accounts
AWS re:Invent 2017 - En podkast av AWS
Kategorier:
Traditional solutions for using Microsoft Active Directory across on-premises and AWS Cloud Windows workloads can require complex networking or synching identities across multiple systems. AWS Directory Service for Microsoft Active Directory, also known as AWS Managed AD, offers you actual Microsoft Active Directory on the AWS Cloud as a managed service. In this session, you learn how Capital One uses AWS Managed AD to provide highly available authentication and authorization services for its Windows workloads, such as Amazon RDS for SQL Server. We detail how Capital One uses Lambda, Python, and PowerShell with cross-account AWS Identity and Access Management (IAM) roles to automate directory deployment across AWS accounts. We also cover best practices for integrating AWS Managed AD with your on-premises domain securely, and show you how to automate the joining of AWS resources to your managed domain.