AWS Microsoft AD uses an interforest trust that you can use for other AWS solutions, such as Amazon QuickSight and Amazon WorkSpaces, and other AD-aware applications that you run in the AWS Cloud. This eliminates the need to configure and manage separate SAML infrastructure to access the AWS Management Console. Instead, you can use AWS Microsoft AD to assign on-premises users and groups to AWS Identity and Access Management (IAM) roles and grant your users access to the AWS Management Console and AWS resources.

To learn more about how to use AWS Microsoft AD to enable your on-premises AD users to access and manage AWS resources by signing in to the AWS Management Console, see How to Access the AWS Management Console Using AWS Microsoft AD and Your On-Premises Credentials and Manage Access to AWS Management Console.

