You will need a Windows EC2 instance that is joined to a domain to complete this recipe. If you already have one, skip to the How to do it section. If not, follow these steps to create a Directory Service directory and an EC2 instance that is joined to your domain:

1. Go to the Directory Service dashboard and click Set up a directory:

2. Select AWS Managed Microsoft AD from under Directory types:

3. Configure the directory information on the next screen. Again, note that this recipe does not fall into the free tier! There will be charges associated with these resources:

4. Be sure to remember the password you set in the previous step. You will need to log in to your EC2 instance with the domain user account – not with the machine administrator account – via the EC2 console.

5. Choose your VPC and Subnets. To keep things simple, choose your default VPC:

6. On the next screen, confirm your settings and click Create directory.
7. Wait for the directory to be created.
8. Go to the EC2 dashboard and click Launch Instance to create a new Windows instance.

9. Select Microsoft Windows Server 2019 Base:

10. On the following screen, select an instance type. Choose t2.micro to stay in the free tier. However, be aware that the performance of Windows Server on this small instance will be very slow. A larger instance type will perform much better, but it will incur a cost until you terminate it.
11. Click Next: Configure Instance Details.
12. On the following screen, select a Subnet that matches the subnet that's used by your Active Directory instance. Also, choose the directory in the Domain join directory dropdown.
13. Click Next: Add Storage and accept the defaults.
14. Click Next: Add Tags and optionally tag the instance with a unique name so that you can recognize it on the dashboard.
15. Click Next: Configure security group and choose the default VPC security group.
16. Click Review and Launch and launch your instance.