Configuring Identity Federation for VMware Carbon Black Cloud on AWS GovCloud (US)

VMware Carbon Black Cloud on AWS GovCloud (US) requires that you configure an identity source to manage your users, and federate this identity source with a VMware Workspace ONE Access instance to allow your users to authenticate to your Organization.

You can use the following options for authentication.

An on-premises Microsoft Active Directory Federation Services (AD FS) server. If you choose this option, you will deploy and maintain an AD FS server in your on-premises data center, and use Direct Connect or a VPN to connect it to your SDDC. Start by deploying an AD FS server as described in https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/ad-fs-deployment. Then configure the VMware Workspace ONE Access as described in Federating Your Identity Source with Workspace ONE Access.
AWS Directory Service. If you choose this option, you will deploy AWS Directory Service in your AWS GovCloud account, and deploy a Windows VM in your SDDC to manage the Directory Service.