Domainless Group Managed Service Accounts (gMSAs) are now supported for both Linux and Windows containers running on Amazon EC2, making authentication via Microsoft Active Directory (AD) easier than ever.
The Challenge of AD Authentication for Containers to Date
At re:Invent 2019, AWS announced support for gMSA.
Running containers requiring AD authentication meant joining the ECS nodes to the AD domain. However, this approach posed some limitations, especially during autoscaling events and when deploying containers across a dynamic and elastic infrastructure.
Benefits of this Update
No Need to Join ECS Nodes to the Domain
This update adds the ability to run containers requiring AD authentication without having to join the ECS nodes to the domain. This means no more complications during autoscaling events, and no more worrying about domain dependencies. Containers can now seamlessly authenticate with Microsoft Active Directory, accessing network shared resources such as SQL Server hosts and file shares without any hassle.
To try it, you can follow the blogs below for creating a gMSA:
Step-by-step guide for Linux containers
Eliminating the need to join ECS nodes to the domain allows organizations to deploy and scale containers effortlessly and improves overall security.