Final answer:
The recommended mode to run directory service when you have an existing Active Directory on-premises and want a minimal AWS footprint is Hybrid mode, which allows you to extend your on-premises Active Directory into the AWS cloud.
Step-by-step explanation:
When you have an existing Active Directory on-premises and want a minimal AWS footprint to run isolated services which need a directory, the recommended mode to run directory service is Option 3: Hybrid Mode. In this mode, you can extend your on-premises Active Directory into the AWS cloud using AWS Directory Service. This allows you to have a single directory that can be accessed by both on-premises and AWS resources, providing a seamless experience across environments.
In Hybrid mode, you can use either AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD) or AWS Directory Service for Microsoft Active Directory (AD Connector). With AWS Managed Microsoft AD, you have a fully managed Active Directory in AWS, while AD Connector is a lightweight service that provides connectivity to your existing on-premises directory.
By running in Hybrid mode, you can ensure compatibility and integration between your on-premises Active Directory and your isolated services in AWS, minimizing the need for additional maintenance and management.