Amazon Relational Database Service (Amazon RDS) for Db2 now allows customers to directly join their RDS for Db2 DB instances to the domains of self-managed Microsoft Active Directory (AD). Self-managed AD can be on-premises, on AWS, or in another cloud. Customers use Kerberos as the authentication protocol to enable single sign-on for their database users.
Previously, to use Kerberos authentication against a self-managed AD with their RDS for Db2 instances, customers were required to deploy AWS Managed Microsoft AD and establish a trust between the AWS managed domain and the self-managed domain. Now, customers can use their existing self-managed AD directly to authenticate and authorize database users without the additional complexity of a managed directory or a directory trust — helping them meet compliance requirements with their existing identity infrastructure. Customers can domain-join their RDS for Db2 instance by either creating a new instance or modifying an existing one, supplying the credentials of a delegated AD service account stored in AWS Secrets Manager and encrypted with AWS KMS. Customers can use self-managed AD free of charge.
Self-managed Active Directory with Amazon RDS for Db2 is now generally available in all AWS Regions where Amazon RDS for Db2 is available, including the AWS GovCloud (US) Regions.
To learn more and get started with self-managed Active Directory, visit the Amazon RDS for Db2 User Guide and the Amazon RDS for Db2 product page.
Source: Amazon Web Services