Amazon Cloud Directory is a service that enables an IT team to build cloud-native directories in the Amazon Web Services (AWS) public cloud. A team can use the service to organize hierarchies of different data types, such as user lists and network configurations.
According to Amazon, Amazon Cloud Directory differs from traditional Lightweight Directory Access Protocol (LDAP) options because it can scale up to millions of objects to support "virtually unlimited directories." More traditional LDAP-based directories also focus mostly on user and device management, and are usually limited to a single hierarchy, while Amazon Cloud Directory lets users navigate directories through multiple hierarchies, such as cost or employee reporting structure, Amazon says.
An admin or a developer can use Amazon Cloud Directory to manage the various directory items and the interdependencies between them. A developer can also search or view trees of data with user-defined attributes, such as physical location.
A developer composes directory objects based on schemas to enforce constraints for data correctness. AWS provides sample schemas, or a developer can define them in the service console. A developer can also define policies for individual objects, relationships and apps.
Amazon provisions and manages capacity for the directory, and optimizes the service for low latency and a high rate of eventually consistent reads.
An IT team can access the Amazon Cloud Directory through the AWS Management Console or AWS Command Line Interface, then use application programming interfaces to add objects to a directory according to the defined schema. Amazon also provides a software development kit for the service to create, manage and delete directories as needed.
Amazon Cloud Directory integrates with other Amazon cloud services, including AWS CloudTrail for comprehensive directory access logs. An administrator can combine this with other techniques, such as resource tagging, to help organize reporting of directory resource use.
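As an added illustration of the CloudTrail integration described above (not code from Amazon or from the original article), the following Python sketch reviews a CloudTrail log file for Cloud Directory activity, counting calls per principal and flagging destructive or failed calls. It assumes the event source string `clouddirectory.amazonaws.com`; the log records, account ID and principal names are constructed sample data.

```python
import json

# Assumption: Cloud Directory API calls are recorded under this event source.
EVENT_SOURCE = "clouddirectory.amazonaws.com"
# Cloud Directory API operations that remove or weaken directory state.
DESTRUCTIVE = {"DeleteDirectory", "DisableDirectory", "DeleteObject",
               "DeleteSchema", "DetachPolicy"}
ACCT = "arn:aws:iam::111122223333:user/"  # constructed account and path

# Constructed sample of a CloudTrail log file; all values are illustrative.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventSource": EVENT_SOURCE, "eventName": "CreateObject",
     "eventTime": "2024-01-01T10:00:00Z",
     "userIdentity": {"arn": ACCT + "app-writer"}},
    {"eventSource": EVENT_SOURCE, "eventName": "ListObjectChildren",
     "eventTime": "2024-01-01T10:05:00Z", "errorCode": "AccessDeniedException",
     "userIdentity": {"arn": ACCT + "app-reader"}},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "eventTime": "2024-01-01T10:07:00Z",
     "userIdentity": {"arn": ACCT + "app-reader"}},
    {"eventSource": EVENT_SOURCE, "eventName": "DeleteDirectory",
     "eventTime": "2024-01-01T10:10:00Z",
     "userIdentity": {"arn": ACCT + "admin"}},
]})


def summarize(log_text):
    """Return (calls per principal, sorted list of flagged events)."""
    counts, flagged = {}, []
    for rec in json.loads(log_text).get("Records", []):
        if rec.get("eventSource") != EVENT_SOURCE:
            continue  # ignore other services in the same trail
        who = rec.get("userIdentity", {}).get("arn", "unknown")
        name = rec.get("eventName", "")
        counts[who] = counts.get(who, 0) + 1
        error = rec.get("errorCode") or ""
        # Flag destructive operations and any call that returned an error.
        if name in DESTRUCTIVE or error:
            flagged.append((rec.get("eventTime", ""), who, name, error))
    return counts, sorted(flagged)


if __name__ == "__main__":
    counts, flagged = summarize(SAMPLE_LOG)
    for who, n in sorted(counts.items()):
        print(f"{n:3d} call(s)  {who}")
    for when, who, name, error in flagged:
        print(f"REVIEW {when} {name} by {who} {error}".rstrip())
```
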