Our Blog

AWS Managed Microsoft AD now supports Kerberos Encryption audit event logs

Published
April 20, 2026
https://aws.amazon.com/about-aws/whats-new/2026/04/aws-managed-microsoft-ad-kerberose-encrption-logs/

AWS Managed Microsoft AD Updates

Starting today, AWS Managed Microsoft AD supports forwarding Kerberos Encryption audit event logs (Event IDs 201–209) to Amazon CloudWatch Logs. These logs provide visibility into the encryption types used by your applications and services, helping you identify which resources are using RC4 encryption versus AES encryption. This visibility allows you to decide whether to upgrade clients to AES encryption (recommended for improved security) or maintain RC4 support based on your environment's compatibility requirements.

What to do

  • Navigate to your AWS Managed Microsoft AD directory Network and Security tab in the AWS Directory Service console.
  • Enable log forwarding to Amazon CloudWatch Logs.
  • Review the Kerberos Encryption audit events to understand your current encryption settings.

To learn more, see Enabling Amazon CloudWatch Logs log forwarding for AWS Managed Microsoft AD.

This feature is available in all AWS Regions where AWS Managed Microsoft AD is available, except in the Middle East (UAE) and Middle East (Bahrain) Regions.




If you need further guidance on AWS, our experts are available at AWS@westloop.io. You may also reach us by submitting the Contact Us form.

Follow our blog

Get the latest insights and advice on AWS services from our experts.

By clicking Sign Up you're confirming that you agree with our Terms and Conditions.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Related posts

Check out other insights from the team at West Loop Strategy.

View all
https://aws.amazon.com/about-aws/whats-new/2025/10/amazon-connect-configurable-thresholds-schedule-adherence/

Amazon Connect now provides configurable thresholds for schedule adherence

Amazon Connect now provides configurable thresholds for schedule adherence, giving you more flexibility in how you track agent performance
Read more
https://aws.amazon.com/about-aws/whats-new/2026/03/amazon-cloudwatch-database-insights-on-demand-analysis-in-govcloud/

Amazon CloudWatch Database Insights on-demand analysis now available in AWS Govcloud (US) Regions

Amazon CloudWatch Database Insights expands the availability of its on-demand analysis experience to AWS GovCloud (US-East) and AWS GovCloud (US-West)
Read more
https://aws.amazon.com/about-aws/whats-new/2025/11/amazon-connect-metrics-completion-agent-performance-evaluations

Amazon Connect now provides metrics on completion of agent performance evaluations by managers

Amazon Connect now provides metrics that measure completion of agent performance evaluations, improving manager productivity and evaluation consistency
Read more
View all