
AWS Certified Security – Specialty forum, Reply To: Active Directory Trust

  • JR-TutorialsDojo

    Administrator
    August 12, 2024 at 12:42 pm

    Hello K-Booth and George,


    Thank you for your feedback. In the given scenario, the organization is implementing a security policy requiring cloud-based users to be contained in a separate authentication domain and prevented from accessing on-premises systems.


    Please note that a one-way trust is a unidirectional authentication path: Domain A trusts Domain B, but Domain B does not trust Domain A. This setup ensures that cloud users remain isolated within their own authentication domain and cannot access on-premises systems.

    Hence, the correct answers are:
    – Use AWS Directory Service, set up an AWS Managed Microsoft AD to manage the RDS databases and EC2 instances.
    – Set up a one-way incoming trust in the existing on-premises Active Directory and a one-way outgoing trust in the new Active Directory in AWS.

    You can find more information at https://learn.microsoft.com/en-us/entra/identity/domain-services/concepts-forest-trust.


    The one-way trust ensures security by preventing unauthorized access from the cloud to on-premises systems.


    Feel free to reach out if you need further assistance!


    Regards,
    JR @ Tutorials Dojo
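
An added example, not part of the reply above or of any Tutorials Dojo material: a PowerShell check that the trust direction recorded on each side matches the one-way design described in the answer. The function name `Test-TrustIsolation` and the domain names are hypothetical, and the sample trust objects are constructed; on a domain-joined host with the ActiveDirectory module, the output of `Get-ADTrust -Filter *` can be passed in their place.

```powershell
# Added example. Test-TrustIsolation is a hypothetical helper, not an AWS or Microsoft cmdlet.
function Test-TrustIsolation {
    param(
        [Parameter(Mandatory)] [object[]] $Trust,       # objects exposing Name and Direction
        [Parameter(Mandatory)] [string]   $PeerDomain,  # domain on the other side of the trust
        [Parameter(Mandatory)] [ValidateSet('Inbound', 'Outbound')] [string] $Expected
    )
    $found = @($Trust | Where-Object { $_.Name -eq $PeerDomain })
    if ($found.Count -eq 0) {
        return [pscustomobject]@{
            Peer = $PeerDomain; Direction = 'None'; Compliant = $false
            Note = 'no trust to this peer was found'
        }
    }
    foreach ($t in $found) {
        $dir = [string]($t.Direction)
        # Direction is stated from the point of view of the domain being inspected.
        $note = switch ($dir) {
            'Inbound'       { 'peer trusts this domain: local accounts can reach peer resources' }
            'Outbound'      { 'this domain trusts peer: peer accounts can reach local resources' }
            'BiDirectional' { 'each side trusts the other: accounts cross in both directions' }
            default         { 'trust is disabled or has an unrecognized direction' }
        }
        [pscustomobject]@{
            Peer = $PeerDomain; Direction = $dir
            Compliant = ($dir -eq $Expected); Note = $note
        }
    }
}

# Constructed sample data (placeholder domain names), shaped like Get-ADTrust output.
$onPremView = @([pscustomobject]@{ Name = 'cloud.example.internal'; Direction = 'Inbound' })
$awsView    = @([pscustomobject]@{ Name = 'corp.example.internal';  Direction = 'Outbound' })
$driftView  = @([pscustomobject]@{ Name = 'cloud.example.internal'; Direction = 'BiDirectional' })

# On-premises side must be Inbound only: the cloud domain trusts on-premises, never the reverse.
Test-TrustIsolation -Trust $onPremView -PeerDomain 'cloud.example.internal' -Expected Inbound
# AWS Managed Microsoft AD side must be Outbound only.
Test-TrustIsolation -Trust $awsView -PeerDomain 'corp.example.internal' -Expected Outbound
# A trust later widened to two-way lets cloud accounts authenticate on-premises; flagged non-compliant.
Test-TrustIsolation -Trust $driftView -PeerDomain 'cloud.example.internal' -Expected Inbound
```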