AWS DevOps Engineer Professional DOP-C01 – Question389

You run a 2000-engineer organization. You are about to begin using AWS at a large scale for the first time.
You want to integrate with your existing identity management system running on Microsoft Active Directory, because your organization is a power-user of Active Directory. How should you manage your AWS identities in the most simple manner?

A.
Use a large AWS Directory Service Simple AD.
B. Use a large AWS Directory Service AD Connector.
C. Use an Sync Domain running on AWS Directory Service.
D. Use an AWS Directory Sync Domain running on AWS Lambda

Correct Answer: B

Explanation:

Explanation:
You must use AD Connector as a power-user of Microsoft Active Directory. Simple AD only works with a subset of AD functionality. Sync Domains do not exist; they are made up answers. AD Connector is a directory gateway that allows you to proxy directory requests to your on-premises Microsoft Active Directory, without caching any information in the cloud. AD Connector comes in 2 sizes; small and large. A small AD Connector is designed for smaller organizations of up to 500 users. A large AD Connector is designed for larger organizations of up to 5,000 users.
Reference:
https://aws.amazon.com/directoryservice/details/