In AWS you have the ability to utilize Microsoft AD. You have three different options to choose from when it comes to this integration. They are AWS managed Microsoft AD, AD connector, and simple AD. First off with AWS managed Microsoft AD you are able to create your own AD compatible directory in AWS and simply utilize this while retaining the ability to create a two way trust connection with a local Microsoft AD. If you try to sign into an account via AWS that is not present there, it will check the local AD and vice versa.
Next up is the AD connector, this allows you to utilize AWS as a proxy to your onsite AD service. When users attempt to use a domain account via AWS they will be routed through your Microsoft AD. Finally we have simple AD, this is closely related to AWS managed Microsoft AD, but without the ability to connected with a local AD. This AD will be stored solely in the cloud and is a good option if you simply need to provide a AD for your EC2 machines running windows.