Deleting your AWS Managed Microsoft AD - AWS Directory Service

Deleting your AWS Managed Microsoft AD

When an AWS Managed Microsoft AD or Simple AD is deleted, all of the directory data and snapshots are deleted and cannot be recovered. After the directory is deleted, all instances that are joined to the directory remain intact. You cannot, however, use your directory credentials to log in to these instances. You need to log in to these instances with a user account that is local to the instance.

When an AD Connector is deleted, your on-premises directory remains intact. All instances that are joined to the directory also remain intact and remain joined to your on-premises directory. You can still use your directory credentials to log in to these instances.

To delete a directory
  1. In the AWS Directory Service console navigation pane, select Directories. Ensure you are in the AWS Region where your Active Directory is deployed. For more information, see Choosing a Region.

  2. Ensure that no AWS applications are enabled for the directory you intend to delete. Enabled AWS applications will prevent you from deleting your AWS Managed Microsoft AD or Simple AD.

    1. On the Directories page, choose your directory ID.

    2. On the Directory details page, select the Application management tab. In the AWS apps & services section, you see which AWS applications are enabled for your directory.

      • Disable AWS Management Console access. For more information, see Disabling AWS Management Console access.

      • To disable Amazon WorkSpaces, you must deregister the service from the directory in the WorkSpaces console. For more information, see Delete a directory in the Amazon WorkSpaces Administration Guide.

      • To disable Amazon WorkDocs, you must delete the Amazon WorkDocs site in the Amazon WorkDocs console. For more information, see Delete a site in the Amazon WorkDocs Administration Guide.

      • To disable Amazon WorkMail, you must remove the Amazon WorkMail organization in the Amazon WorkMail console. For more information, see Remove an organization in the Amazon WorkMail Administrator Guide.

      • To disable Amazon FSx for Windows File Server, you must remove the Amazon FSx file system from the domain. For more information, see Working with Active Directory in FSx for Windows File Server in the Amazon FSx for Windows File Server User Guide.

      • To disable Amazon Relational Database Service, you must remove the Amazon RDS instance from the domain. For more information, see Managing a DB instance in a domain in the Amazon RDS User Guide.

      • To disable AWS Client VPN Service, you must remove the directory service from the Client VPN Endpoint. For more information, see Work with Client VPN in the AWS Client VPN Administrator Guide.

      • To disable Amazon Connect, you must delete the Amazon Connect Instance. For more information, see Delete your Amazon Connect instance in the Amazon Connect Administration Guide.

      • To disable Amazon QuickSight, you must unsubscribe from Amazon QuickSight. For more information, see Closing your Amazon QuickSight account in the Amazon QuickSight User Guide.

      Note

      If you are using AWS IAM Identity Center and have previously connected it to the AWS Managed Microsoft AD directory you plan to delete, you must first change the identity source before you can delete it. For more information, see Change your identity source in the IAM Identity Center User Guide.

  3. In the navigation pane, choose Directories.

  4. Select only the directory to be deleted and click Delete. It takes several minutes for the directory to be deleted. When the directory has been deleted, it is removed from your directory list.
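
Before running the procedure above, a read-only report of what deletion will cost can be useful. The following is an added example, not part of the AWS documentation: it uses the AWS CLI commands `aws ds describe-directories` and `aws ds describe-snapshots` to show the directory type, the outcome this page describes for that type, and how many snapshots would be lost. The function names and the `d-EXAMPLE` id are placeholders, and a configured AWS CLI is assumed.

```shell
#!/bin/sh
# Added example: read-only pre-deletion report for one AWS Directory Service
# directory. It only calls describe-* commands and never deletes anything.

# Map the API directory Type to the deletion outcome described on this page.
deletion_impact() {
  case "$1" in
    MicrosoftAD|SimpleAD)
      echo "DESTRUCTIVE: directory data and snapshots are deleted and cannot be recovered; joined instances need a local account" ;;
    ADConnector)
      echo "CONNECTOR: on-premises directory and domain joins remain intact; directory credentials keep working" ;;
    *)
      echo "UNKNOWN: type '$1' is not covered by this page; review manually" ;;
  esac
}

# Print a report for directory id $1.
# Returns 0 for a type this page covers, 1 for any other type, 2 if the CLI call fails.
predelete_report() {
  pd_id="$1"
  pd_type=$(aws ds describe-directories --directory-ids "$pd_id" \
    --query 'DirectoryDescriptions[0].Type' --output text) || return 2
  echo "directory: $pd_id"
  echo "type:      $pd_type"
  echo "impact:    $(deletion_impact "$pd_type")"
  case "$pd_type" in
    MicrosoftAD|SimpleAD)
      # Snapshots are deleted together with the directory, so count them first.
      pd_snaps=$(aws ds describe-snapshots --directory-id "$pd_id" \
        --query 'length(Snapshots)' --output text) || return 2
      echo "snapshots that will be lost: $pd_snaps" ;;
    ADConnector) ;;
    *) return 1 ;;
  esac
}

# Usage (d-EXAMPLE is a placeholder id):
#   predelete_report d-EXAMPLE
```
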