Try our new research platform with insights from 80,000+ expert users

AWS Directory Service vs Microsoft Entra ID comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 2, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Directory Service
Ranking in Identity and Access Management as a Service (IDaaS) (IAMaaS)
16th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
15
Ranking in other categories
No ranking in other categories
Microsoft Entra ID
Ranking in Identity and Access Management as a Service (IDaaS) (IAMaaS)
1st
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
225
Ranking in other categories
Single Sign-On (SSO) (1st), Authentication Systems (1st), Identity Management (IM) (1st), Access Management (1st), Microsoft Security Suite (2nd)
 

Mindshare comparison

As of April 2025, in the Identity and Access Management as a Service (IDaaS) (IAMaaS) category, the mindshare of AWS Directory Service is 1.8%, down from 2.5% compared to the previous year. The mindshare of Microsoft Entra ID is 28.4%, down from 29.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Identity and Access Management as a Service (IDaaS) (IAMaaS)
 

Featured Reviews

Basa Saiteja - PeerSpot reviewer
A valuable access management system with a user-friendly and straightforward setup
The solution is scalable, and we can scale according to our needs. I rate the scalability a nine out of ten. In our organization, our access to our AWS comes from IAM. We use AWS consoles using our credentials and don't have route access, so each person will log in through our IAM programmatic access, and everyone on our team can work on cloud. Over 10,000 people in our organization utilize the solution.
Aaron Liang - PeerSpot reviewer
Has significantly improved secure access to applications and resources in our environment
Microsoft Entra ID has helped by simplifying our management of permissions for APIs. We are not directly exposing credentials, as we use tokens instead. It has made management easier and more secure, especially in a multi-user environment. The implementation of Microsoft Entra ID significantly improved secure access to applications and resources in our environment, primarily through the widespread use of single-sign-on. Managing API permissions became much easier, as application registration often involves calling an API to utilize services without directly exposing credentials, relying instead on token-based authentication. This streamlined approach benefits end-users by simplifying access while remaining transparent to them. Ultimately, my role focuses on ensuring a smooth and user-friendly experience, even if the underlying technology remains unseen by the end-users. Our company strongly emphasizes passwordless authentication, primarily through device-bound passkeys in Microsoft Authenticator. While administrators with high-privileged accounts utilize YubiKeys and passwords for tasks like accessing Microsoft Graph, we are actively transitioning all other users towards passwordless methods such as Windows Hello biometrics. This approach streamlines authentication and enhances security. Though initial deployment in 2022 presented challenges due to hardware limitations and the lingering effects of the COVID-19 pandemic, the technology has significantly improved and provides a simple and effective user experience.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution integrates well with other tools, particularly through single sign-on, allowing users to connect to various applications using just one password, including email."
"I like the manageability. Activate Connect makes it easier to assign information and to manage the resources in the network."
"AWS has eliminated the downtime we waste when our on-premises resources go down."
"The most valuable feature of AWS Directory Service is cost-cutting features."
"I would rate AWS Directory Service nine out of ten."
"The most valuable feature is that because it's all in the cloud, you don't need to manage the infrastructure."
"The pricing is very good because it is low and there is no management cost."
"The support is very good. I would rate the technical support as a nine out of ten."
"The most valuable feature is the conditional access policies. This gives us the ability to restrict who can access which applications or the portal in specific ways."
"User and device management is the most valuable feature."
"It's pretty easy to implement."
"Conditional access and Privileged Identity Management (PIM) are the most valuable features from a security perspective."
"Entra has made it easy to manage identity and access by integrating with all Microsoft services."
"It enhanced our end user experience quite a bit. Instead of the days of having to contact the service desk with challenges for choosing their password, users can go in and do it themselves locally, regardless of where they are in the world. This has certainly made it a better experience accessing their applications. Previously, a lot of times, they had to remember multiple usernames and passwords for different systems. This solution brings it all together, using a single sign-on experience."
"Azure Active Directory is a very simple utility to use, it has very good visibility and transparency, and an easy-to-use panel."
"Application integration is easy. MFA and password self-service have reduced most of the supportive work of IT. We use multi-factor authentication. Every access from a user is through multi-factor authentication. There is no legacy authentication. We have blocked legacy authentication methods. For people who use the MDM on mobile, we push our application through Intune. In a hybrid environment, users can work from anywhere. With Intune, we can push policies and secure the data."
 

Cons

"Can be improved by including on-premises access for services through Identity Access Management."
"Currently, there is no option to integrate our on-premises Cisco AWS Directory Service, requiring some manual configuration. If AWS Active Directory Service provided additional domain controller functionalities, like other on-premises Active Directory, it would be very helpful."
"Our only complaint is that you cannot integrate your Exchange server. Or, if you are planning to install an Exchange server on your Amazon EC2 instance, then you need to configure Active Directory on EC2 instance. We would like for this limitation to be lifted."
"The AWS Directory Service should be easier to integrate."
"To get CloudWatch to monitor your memory and storage, you have to do some configuration within your server, which sometimes results in errors."
"The group policy can be improved."
"AWS could improve the number of regions. Azure has passed them. The ned more consistency, as far as the Northeast is concerned."
"We had a problem with the schema uploading and setting up the directory when we are migrating our users from on-premises to cloud infrastructure."
"I would rate Microsoft's technical support on the lower side. While some responses are quick and satisfactory, there have been occasions where issues took weeks or circles to resolve, sometimes closing and reopening without resolution."
"Entra ID needs to improve its application credentials and use of ID permissions. There are challenges with the management layer. We want to create access down to the Graph level while invoking some management logic. That also means that if an application comes in, we cannot send that to the Graph because we would need an ID on behalf of the cloud hook."
"Azure Active Directory could be made easier to use. We have large amounts of data and storage. We are looking for video files and media content for applications, we will think about options, such as cloud storage or a CDN."
"It could be better if a simple member could understand more easily the prices of the products and packages offered by Microsoft."
"Microsoft is working with Microsoft Identity Manager for Active Directory on-premise. It will be very important to have these identity management solutions directly in Azure Active Directory. It's very important to have some kind of Azure identity manager as a technology for identity and access management for working both in the cloud and inside the Azure suite."
"Azure AD needs to be more in sync. The synchronization can be time-consuming."
"Rule management and permissions need improvements."
"Transitioning to the cloud is very difficult. They need the training to make it easier."
 

Pricing and Cost Advice

"The pricing is reasonable."
"We pay an annual subscription fee."
"The pricing depends because with AWS there are two types of directory objects: 30,000 and 500,000. It varies. AWS provides the pricing calculators so we can get an estimate from there as per the company requirement of how many users and objects that we need to create. So we can go to that portal, put in the data, and get the quotation. There are no extra licensing fees. It's all included."
"AWS' pricing is fair, and costs can be cut if you look carefully at when you're using it."
"I'm not totally aware of the pricing and licensing, but I do know that the pricing and licensing must be quite balanced. We are a pretty old client of Microsoft, and MSA is just one of the services we use from Microsoft. There's a whole Microsoft 365 suite that's implemented as well. I'm sure it is something that is acceptable to both parties."
"If you have a different IDP today, I would take a close look at what your licensing looks like, then reevaluate the licensing that you have with Microsoft 365, and see if you're covered for some of this other stuff. Folks sometimes don't realize that, "Oh, I'm licensed for that service in Azure." This becomes one of those situations where you have the "aha" moment, "Oh, I didn't know we can do that. Alright, let's go down this road." Then, they start to have conversations with Microsoft to see what they can gain. I would recommend that they work closely with their TAM, just to make sure that they are getting the right level of service. They may just not be aware of what is available to them."
"Compared to other Microsoft products, the cost is not too expensive. There's a free tier available, though it doesn't include all features. Overall, it's well-priced."
"Microsoft Azure AD has P1 or P2 licensing options, and it depends on the customer's needs. To use Conditional Access, you need to have the P1 license, and to use the PIN features, you need the P2 license."
"It is worth the money."
"Azure Active Directory is more expensive than Google, but the capabilities they provide are superior."
"I give the cost a three out of ten."
"The licensing model makes it difficult to understand the real cost of the solution, especially because it changes all the time."
report
Use our free recommendation engine to learn which Identity and Access Management as a Service (IDaaS) (IAMaaS) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
11%
Healthcare Company
10%
Manufacturing Company
7%
Educational Organization
30%
Computer Software Company
10%
Financial Services Firm
9%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about AWS Directory Service?
The most valuable feature of AWS Directory Service is cost-cutting features.
What is your experience regarding pricing and costs for AWS Directory Service?
The pricing is very good because it is low and there is no management cost. You do not need to hire any system administrator to manage your Active Directory.
What needs improvement with AWS Directory Service?
Currently, there is no option to integrate our on-premises Cisco AWS Directory Service, requiring some manual configuration. If AWS Active Directory Service provided additional domain controller fu...
How does Duo Security compare with Microsoft Authenticator?
We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier. Duo Security is easy to configure a...
What do you like most about Azure Active Directory?
It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.
What is your experience regarding pricing and costs for Azure Active Directory?
Microsoft Entra ID is reportedly quite expensive for each user regarding security features. The renewal cost is particularly high according to the teams managing purchases.
 

Also Known As

AWS Managed Microsoft AD
Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator
 

Interactive Demo

 

Overview

 

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.
Find out what your peers are saying about AWS Directory Service vs. Microsoft Entra ID and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.