Amazon Cloud Directory is a highly available multi-tenant directory-based store in AWS. These directories scale automatically to hundreds of millions of objects as needed for applications. This lets operation's staff focus on developing and deploying applications that drive the business, not managing directory infrastructure. Unlike traditional directory systems, Cloud Directory does not limit organizing directory objects in a single fixed hierarchy.
With Cloud Directory, you can organize directory objects into multiple hierarchies to support many organizational pivots and relationships across directory information. For example, a directory of users may provide a hierarchical view based on reporting structure, location, and project affiliation. Similarly, a directory of devices may have multiple hierarchical views based on its manufacturer, current owner, and physical location.
- Understanding Key Cloud Directory Concepts
- Using the Console
- Directory Objects
- Indexing and Search
- Using the Cloud Directory APIs
- Amazon Cloud Directory Compliance
Understanding Key Cloud Directory Concepts
A directory is a schema-based data store that contains specific types of objects organized in a multi-hierarchical structure (see Directory Structure for more details). For example, a directory of users may provide a hierarchical view based on reporting structure, location, and project affiliation. Similarly, a directory of devices may have multiple hierarchical views based on its manufacturer, current owner, and physical location.
Using the Console
With Amazon Cloud Directory, the AWS Directory Service console lets you do the following:
Create, and delete directories
View directory details
Create, upload, and delete schemas
View schema details
Developers model directory objects using extensible schemas to enforce data correctness constraints automatically, making it easier to program for. Amazon Cloud Directory offers rich information lookup based on your defined indexed attributes, thus enabling fast tree traversals and searches within the directory trees. Cloud Directory data is encrypted at rest and in transit.
When a schema has been applied to a directory, all data within that directory must then conform to that applied schema. In this way, the schema definition is essentially a blueprint that can be used to construct multiple directories with applied schemas. Once built, those applied schemas may vary from the original blueprint, each in different ways.
Indexing and Search
Amazon Cloud Directory supports two methods of indexing: Value based and type based. Value-based indexing is the most common form. With it you can index and search for objects in the directory based on the values of object attributes. With type-based indexing, you can index and search for objects in the directory based on object types. Facets help define object types. For more information about schemas and facets, see Schemas and Facets.
Using the Cloud Directory APIs
Amazon Cloud Directory includes a set of API operations that enable programmatic access to Cloud Directory capabilities. You can use the Amazon Cloud Directory API Reference Guide to learn how to make requests to the Cloud Directory API for creating and managing the various elements. It also covers the components of requests, the content of responses, and how to authenticate requests.
Amazon Cloud Directory Compliance
Amazon Cloud Directory has undergone auditing for the following standards and can be part of your solution when you need to obtain compliance certification.Security, including HIPAA and PCI compliance, is a shared responsibility. It is important to understand that Cloud Directory compliance status does not automatically apply to applications that you run in the AWS Cloud. You must ensure that your use of AWS services complies with the standards.