Extend on-premises Active Directory to an existing VPC
The following steps guide you through an Active Directory deployment with AWS Launch Wizard after you have launched it from the console for an existing VPC.
-
On the Launch Wizard console's landing page, use the Choose application button. This opens the Choose application wizard where you are prompted to select the type of application that you want to deploy.
-
Select Active Directory, select Extend on-premises AD into an existing VPC, then select Create deployment.
-
Review and acknowledge that the required IAM permissions are met before proceeding. For more information, see Identity and Access Management for AWS Launch Wizard.
-
When prompted, enter the specifications for the new deployment. The following tabs provide information about the specification fields of the deployment model.
- Network configuration
-
Parameter label (name) Default value Description Parameter label (name) Default value Description VPC CIDR (VPCCIDR) 10.0.0.0/16 CIDR Block for the VPC. VPC ID (VPCID) Requires input ID of the VPC (for example, vpc-abcd0123). Subnet 1 ID (Subnet1ID) Requires input ID of subnet 1 in Availability Zone 1 (for example, subnet-abcd0123). Subnet 2 ID (Subnet2ID) Requires input ID of subnet 2 in Availability Zone 2 (for example, subnet-01234abcd). Exiting domain controllers Security Group ID (ExistingDomainControllersSG) sg-1234567890abcdef0 Security Group ID for existing domain controllers Security Group. (Used only when JoinAndPromote equals Yes). - Amazon EC2 configuration
-
Parameter label (name) Default value Description Domain controller 1 NetBIOS name (ADServer1NetBIOSName) DC3 NetBIOS name of the first additional Active Directory domain controller (between 1-15 characters). Domain controller 1 private IP address (ADServer1PrivateIP) 10.0.0.11 Fixed private IP for the first additional Active Directory domain controller located in subnet 1. Domain controller 2 NetBIOS name (ADServer2NetBIOSName) DC4 NetBIOS name of the second additional Active Directory domain controller (between 1-15 characters). Domain controller 2 private IP address (ADServer2PrivateIP) 10.0.32.11 Fixed private IP for the second additional Active Directory domain controller located in subnet 2. SYSVOL and NTDS Data Drive Size (DataDriveSizeGiB) 10 Size of SYSVOL and NTDS data drive in GiB. KMS key for EBS Encryption (EbsEncryptionKmsKeyId) alias/aws/ebs The identifier of the KMS key to use for Amazon EBS encryption. You can specify the KMS key using any of the following; key ID, key alias, key ARN, alias ARN. Key pair name (KeyPairName) Requires input Public/private key pairs allow you to securely connect to your instance after it launches. AMI ID (LatestAmiId) /aws/service/ami-windows-latest/Windows_Server-2022-English-Full-Base AWS Systems Manager parameter value for latest Windows Server AMI. - Microsoft Active Directory Domain Services configuration
-
Parameter label (name) Default value Description Join and Promote to domain controllers (JoinAndPromote) No Do you want to join and promote these instances to be Active Directory domain controllers. DNS Server 1 IP address (ExistingDomainController1IP) 10.0.0.10 The IP address of the first DNS server that can resolve the domain. You must have connectivity from the VPC to the DNS server.
DNS Server 2 IP address (ExistingDomainController2IP) 10.0.32.10 The IP address of the second DNS server that can resolve the domain. You must have connectivity from the VPC to the DNS server.
Domain DNS name (DomainDNSName) example.com Fully qualified domain name (FQDN) of the domain you would like to join and promote to. For example, example.com. Domain NetBIOS name (DomainNetBIOSName) example NetBIOS name of the domain (between 1 to 15 characters) you would like to join and promote to for users of earlier versions of Windows. For example, EXAMPLE.
