Hello PETERHODES,
Thank you for your feedback. When setting up a one-way trust relationship from the existing on-premises Active Directory (Domain A) to the new Active Directory service in AWS (Domain B), it means that Domain A trusts Domain B. Cloud-based users (in Domain B) can authenticate against the AWS Managed Microsoft AD (Domain B) but they do not have access to on-premises resources (in Domain A).
A one-way trust is unidirectional: Domain A trusts Domain B, but Domain B does not trust Domain A. This setup ensures that cloud users remain isolated within their own authentication domain and cannot access on-premises systems.
https://learn.microsoft.com/en-us/entra/identity/domain-services/concepts-forest-trust
The one-way trust ensures security by preventing unauthorized access from the cloud to on-premises systems.
I hope this helps. Let us know if you need any further assistance.
Regards,
JR @ Tutorials Dojo