The recent AWS re:Invent session, Best Practices for Running Microsoft Active Directory on AWS, featured a detailed overview of multi-region replication for AWS Managed Microsoft Active Directory. Vladimir Kolesnikov, Systems Tech Lead at ClearScale, provides his expert commentary on this exciting announcement.
Released in late November 2020, the new multi-region replication feature from Amazon Web Services (AWS) removes a barrier to adopting the managed Active Directory (AD) service for many customers who wanted disaster recovery and fault tolerance for their AD infrastructure on AWS.
Multi-region replication can be used to automatically replicate your AWS Managed Microsoft AD directory data across multiple regions. This replication improves performance for users and applications in dispersed geographic locations. AWS Managed Microsoft AD uses native Active Directory replication to replicate your directory’s data securely to the new region.
With multi-region replication in AWS Managed Microsoft AD, AD-aware applications use the directory locally for high performance, and the multi-region feature for resiliency. You can utilize multi-region replication with AD-aware applications like SharePoint and SQL Server Always On, as well as AWS services like Amazon RDS for SQL Server and Amazon FSx for Windows File Server. Additional benefits of multi-region replication include:
- Deploy a single AWS Managed Microsoft AD instance quickly and eliminate the heavy lifting of self-managing a global AD infrastructure.
- Deploy and manage Windows and Linux workloads in multiple AWS regions more easily and more cost-effectively. Automated multi-region replication enables optimal performance in your global AD-aware applications. All applications deployed in Windows or Linux instances use AWS Managed Microsoft AD locally in the region, which enables responses to user requests from the closest region possible.
- Provide multi-region resiliency. Deployed in the highly available AWS managed infrastructure, AWS Managed Microsoft AD handles automated software updates, monitoring, recovery, and the security of the underlying AD infrastructure across all regions. This allows you to focus on building your applications.
The diagram below demonstrates multi-regional usage with multi-account architecture.
Integration with AWS Services
You can use the following AWS services with the multi-region replication feature:
- Amazon EC2
- Amazon FSx for Windows File Server
- Amazon RDS for SQL Server
- Amazon RDS for Oracle
- Amazon RDS for MySQL
- Amazon RDS for PostgreSQL
- Amazon RDS for MariaDB
- Amazon Aurora for MySQL
- Amazon Aurora for PostgreSQL
Multi-region replication is only supported for the Enterprise Edition of AWS Managed Microsoft AD.
To learn more about how AWS Managed Microsoft AD Multi-Region support can benefit you, schedule a consultation with one of our cloud experts.