<div>
<div class="content wysiwyg-content">
Dear experts,<br />
My company is moving computing services into AWS from on-premise Data Center. <br />
Our infrastructure relies on the internal two-level PKI Active Directory Certificate Services. <br />
I'm trying to decide between two options:<br />
1. Lift-and-shift - &nbsp;take existing VMs and light them up in AWS, change IP and update DNS. <br />
2. Stand up two parallel Issuing Authorities and migrate templates there one-by-one. <br />
<br />
Thoughts? Pros and Cons?
</div>
</div>


Dear experts,
My company is moving computing services into AWS from on-premise Data Center. 
Our infrastructure relies on the internal two-level PKI Active Directory Certificate Services. 
I'm trying to decide between two options:
1. Lift-and-shift -  take existing VMs and light them up in AWS, change IP and update DNS. 
2. Stand up two parallel Issuing Authorities and migrate templates there one-by-one. 

Thoughts? Pros and Cons?

Migrate PKI into AWS - lift and shift.

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Amazon Web Services (AWS), is a collection of remote computing services, also called web services, that make up a cloud-computing platform  operated from 11 geographical regions across the world. The most central and well-known of these services include Amazon Elastic Compute Cloud, also known as "EC2", and Amazon Simple Storage Service, also known as "S3". Other services include Elastic MapReduce (EMR), Route 53 (a DNS web service),  provides a highly available and scalable Domain Name System (DNS) web service, Virtual Private Cloud (VPC), storage, database, deployment and application services.