An enterprise is migrating its Active Directory to AWS. They want to use AWS Managed Microsoft AD. They have a requirement to share this directory with 20 other AWS accounts in their AWS Organization so that EC2 instances in those accounts can seamlessly join the domain. What is the MOST operationally efficient way to achieve this?

Answer options:

A.

Deploy an AWS Managed Microsoft AD in each of the 20 accounts and establish trust relationships between them.

B.

Use AWS Directory Service to share the directory with the AWS Organization. Use seamless domain join when launching EC2 instances in the member accounts.

C.

Configure VPC peering between the directory account and the 20 member accounts. Manually join each EC2 instance to the domain.

D.

Use AWS IAM Identity Center (AWS SSO) to sync users from the directory to the 20 accounts.

How to approach this question

Look for the native directory sharing feature.

Full Answer

B.Use AWS Directory Service to share the directory with the AWS Organization. Use seamless domain join when launching EC2 instances in the member accounts.✓ Correct

AWS Managed Microsoft AD can be shared with other AWS accounts within an AWS Organization. This allows EC2 instances in member accounts to seamlessly join the central domain.

Common mistakes

Assuming VPC peering and manual joins are required.

Question 22 All questions Question 24

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 7

75 questions · hints · full answers · grading

Sign up free Take the exam

More questions from this exam

Q01A global enterprise is designing a multi-region network architecture connecting 50 AWS accounts a...Hard Q02A company is migrating its hybrid network to AWS. They have two 10 Gbps AWS Direct Connect connec...Hard Q03An enterprise has 100 AWS accounts in AWS Organizations. The security team mandates that all Amaz...Medium Q04A financial company requires that all EBS volumes, S3 buckets, and RDS databases be encrypted usi...Easy Q05An enterprise is designing a disaster recovery strategy for a critical application running on Ama...Hard

View all 75 questions →