AWS Directory Service
Administration Guide (Version 1.0)

Use Case 6: Share Your Directory to Seamlessly Join Amazon EC2 Instances to a Domain Across AWS Accounts

Sharing your directory across multiple AWS accounts enables you to manage AWS services such as Amazon EC2 easily without the need to operate a directory for each account and each VPC. You can use your directory from any AWS account and from any Amazon VPC within an AWS Region. This capability makes it easier and more cost effective to manage directory-aware workloads with a single directory across accounts and VPCs. For example, you can now manage your Windows workloads deployed in EC2 instances across multiple accounts and VPCs easily by using a single AWS Managed Microsoft AD directory.

When you share your AWS Managed Microsoft AD directory with another AWS account, you can use the Amazon EC2 console or AWS System Manager (SSM) to seamlessly join your instances from any Amazon VPC within the account and AWS Region. You can quickly deploy your directory-aware workloads on EC2 instances by eliminating the need to manually join your instances to a domain or to deploy directories in each account and VPC. For more information, see Share Your Directory.