Last updated on December 28, 2025
Amazon Cloud Directory Cheat Sheet
- Amazon Cloud Directory is a fully managed, cloud-native directory service that handles complex hierarchical data structures, such as organizational charts and device registries.
- Supports directories with hundreds of millions of objects and relationships, making it ideal for large organizations.
- You can design custom schemas for your specific needs and share schemas across multiple applications.
- No need for manual server management or scaling. AWS handles everything.
- Use hierarchical structures with flexible facets and attributes to organize data in a way that best fits your application.
- Service Status: Amazon Cloud Directory will no longer be open to new customers starting November 7, 2025. Existing customers can continue using the service.
Features
- Multi-Dimensional Hierarchies: Create complex, multi-level hierarchies spanning dimensions like location, cost center, and reporting structure.
- Custom Schema: Define custom facets and attributes tailored to your application, ensuring high flexibility.
- Search Capabilities: Built-in search tools allow you to search objects and relationships within your directory quickly.
- Encryption & Security: Automatic data encryption at rest and in transit to ensure secure data handling.
- Object Policies: Apply policies to enforce data integrity and access control across your directory.
- Fully Managed Service: AWS manages the infrastructure and scaling so that you can focus on your application.
- Managed Schemas: Support for a managed schema option that simplifies schema management and sharing across applications.
- In-Place Schema Upgrades: Apply schema changes directly across directories without downtime or data migration.
- Facet-Based Indexing: Use facets to create indexes for faster search and query of hierarchical objects.
- Batch Operations: Support for batching multiple object and link operations for efficiency.
Use Cases
- Store employee data, reporting structures, roles, and organizational hierarchies.
- Manage educational resources, courses, and student enrollment data.
- Track devices, their configurations, and relationships to other network components.
- Model and manage complex network components and interconnections.
- Implement fine-grained access controls and enforce organizational security policies.
Security
- IAM Integration: Integrates seamlessly with AWS Identity and Access Management (IAM) to control access to directory resources.
- Compliance: Amazon Cloud Directory complies with standards such as ISO, SOC, PCI, FedRAMP, and HIPAA.
- Auditability: CloudTrail integration allows you to log and monitor all API calls for auditing and compliance purposes.
- Encryption: Data is encrypted in transit and at rest, providing top-level security for sensitive information.
- VPC Endpoints: Enable private connectivity between your Virtual Private Cloud (VPC) and Cloud Directory for enhanced security.
- Compliance Updates: HIPAA and PCI compliance information added.
Pricing
- Storage – $0.25 per GB per month.
- API Calls:
  - Eventually Consistent Reads: $0.0040 per 10,000 read calls.
  - Strongly Consistent Reads: $0.0043 per 1,000 read calls.
  - Writes: $0.0043 per 1,000 write calls.
- Free Tier – First 30 days free; charges apply based on usage thereafter.
References:
https://docs.aws.amazon.com/clouddirectory/latest/developerguide/what_is_cloud_directory.html