Step 1. Prepare Your AWS Account - Active Directory Domain Services on AWS

Step 1. Prepare Your AWS Account

Before you deploy the Quick Start, make sure that your AWS account is set up properly by following these steps.

  1. If you don't already have an AWS account, create one at by following the on-screen instructions. Part of the sign-up process involves receiving a phone call and entering a PIN using the phone keypad.

  2. Use the region selector in the navigation bar to choose the AWS Region where you want to deploy AD DS.

                        Choosing an Amazon EC2 region

    Figure 11: Choosing an AWS Region

    Consider choosing a region closest to your data center or corporate network to reduce network latency between systems running on AWS and the systems and users on your corporate network.


    If you’re deploying scenario 1 or scenario 3, note that Secrets Manager and AWS Directory Service are available only in the Regions listed on the endpoints and quotas webpage in the AWS documentation. We recommend that you check service availability before you choose a Region. Otherwise, deployment will fail.

  3. Create a key pair in your preferred region. To do this, in the navigation pane of the Amazon EC2 console, choose Key Pairs, Create Key Pair, type a name, and then choose Create.

                        Creating a key pair

    Figure 12: Creating a key pair

    Amazon EC2 uses public-key cryptography to encrypt and decrypt login information. To be able to log into your instances, you must create a key pair. With Windows instances, we use the key pair to obtain the administrator password via the Amazon EC2 console and then log in using Remote Desktop Protocol (RDP) as explained in the step-by-step instructions in the Amazon Elastic Compute Cloud User Guide.

  4. If necessary, request a service quota increase for the m4.xlarge instance type. To do this, on the Service Quotas console, for each instance type that you want a service quota increase, choose the instance type, choose Request quota increase, and then complete the fields in the quota increase form. The current default limit for this instance type is 20 instances.

    You might need to request an increase if you already have an existing deployment that uses this instance type, and you think you might exceed the default quota with this reference deployment. It might take a few days for the new service quota to become effective. For more information, see AWS documentation.

                        Requesting a service quota increase

    Figure 13: Requesting a service quota increase