AWS VPC Peered - RDS accessing Active Directory Service

Question

I have two aws accounts and I could establish a peering of two VPCs belonging to each account. Also, I was able to launch an EC2 instance one account joining to the AD domain on the other account. The problem is I can't find a way to do the same for RDS-SQL Server, I was trying to do it from AWS console.

This what I have configured on both accounts:

AWS Account1

VPC1 - 172.32.0.0/16
ADS1 - Active Directory Service is configured in this account

AWS Account2

VPC2 172.33.0.0/16 - VPC2 is peered to VPC1
EC2 launched and join ADS1
RDS-SQL launched, but could not find a way to join ADS1

Please advise,

Is ADS1 an AWS MS Active Directory, or MS Active Directory Services ? — Sam Doxy, Aug 28 '19 at 09:48

score 1 · Answer 1 · answered Jul 03 '18 at 07:13

1

This mode is not supported directly.

See:

Using Windows Authentication with a Microsoft SQL Server DB Instance

Specifically:

Windows Authentication is only supported for SQL Server DB instances in a VPC, and the DB instance must be in the same VPC as the directory.

However you could deploy a second AD instance into the same VPC as the RDS instance and establish a trust relationship at the AD level.

See:

When to Create a Trust Relationship

answered Jul 03 '18 at 07:13

Alex Moore

1,704
5
12

Hi Alex, I did look at adding a second AD, but it is cost prohibitive for us at this point. – Felix Cen Jul 03 '18 at 13:07

AWS VPC Peered - RDS accessing Active Directory Service

1 Answers1