Requirements
Your account must be configured as specified in the following table to deploy self-managed domain controllers using Launch Wizard.
To add domain controllers to an existing infrastructure, you must create a VPC peering connection between the two VPCs for an existing Active Directory in AWS. If you are using an existing Active Directory on premises, you must use AWS Direct Connect. To ensure that instances in the VPCs can communicate with each other, you can use either Direct Connect or VPC Private Link. For more information about VPC connectivity, see VPN connections.

Resource | Minimum number of resources required for deployment |
---|---|
Virtual private clouds (VPCs) | 1 |
VPC security groups | 3 |
AWS Identity and Access Management (IAM) roles | 2 |
General purpose EC2 instances | Existing VPC: 1; New Active Directory infrastructure: 2 |
AWS Secrets Manager secrets | 2 |

If you have an existing environment that uses these resources and you think that deploying domain controllers in this environment using Launch Wizard may exceed your default quotas, you can request service quota increases.
For additional prerequisites to deploy domain controllers using Launch Wizard, see Set up for AWS Launch Wizard for Active Directory.