Amazon Cloud Directory Cheat Sheet
- Amazon Cloud Directory is a fully managed, cloud-native directory service that handles complex hierarchical data structures, such as organizational charts, device registries, etc.
- Supports directories with hundreds of millions of objects and relationships, making it ideal for large organizations.
- You can design custom schemas for your specific needs and share schemas across multiple applications.
- No need for manual server management or scaling. AWS handles everything.
- Use hierarchical structures with flexible facets and attributes to organize data in a way that best fits your application.
Features
- Multi-Dimensional Hierarchies: Create complex, multi-level hierarchies spanning dimensions like location, cost center, and reporting structure.
- Custom Schema: Define custom facets and attributes tailored to your application, ensuring high flexibility.
- Search Capabilities: Built-in search tools allow you to search objects and relationships within your directory quickly.
- Encryption & Security: Automatic data encryption at rest and in transit to ensure secure data handling.
- Object Policies: Apply policies to enforce data integrity and access control across your directory.
- Fully Managed Service: AWS manages the infrastructure and scaling so that you can focus on your application.
Use Cases
- Store employee data, reporting structures, roles, and organizational hierarchies.
- Manage educational resources, courses, and student enrollment data.
- Track devices, their configurations, and relationships to other network components.
- Model and manage complex network components and interconnections.
- Implement fine-grained access controls and enforce organizational security policies.
Security
- IAM Integration: Integrates seamlessly with AWS Identity and Access Management (IAM) to control access to directory resources.
- Compliance: Amazon Cloud Directory complies with standards such as ISO, SOC, PCI, FedRAMP, and HIPAA.
- Auditability: CloudTrail integration allows you to log and monitor all API calls for auditing and compliance purposes.
- Encryption: Data is encrypted in transit and at rest, providing top-level security for sensitive information.
- VPC Endpoints: Enable private connectivity between your Virtual Private Cloud (VPC) and Cloud Directory for enhanced security.
Pricing
- Storage: $0.25 per GB per month.
- API Calls:
  - Eventually Consistent Reads: $0.0040 per 10,000 read API calls.
  - Strongly Consistent Reads: $0.0043 per 1,000 read API calls.
  - Writes: $0.0043 per 1,000 write API calls.
- Free Tier: The first 30 days are free; after that, charges are applied based on usage.
References:
https://docs.aws.amazon.com/clouddirectory/latest/developerguide/what_is_cloud_directory.html