What is AWS Workspace
Workspace is a VDI solution offered by AWS that lets users provision virtual desktops on the AWS cloud. It is a managed, secure desktop-as-a-service offering, and users can provision either Windows or Linux machines in a matter of minutes. Users can easily scale up or down as requirements change. AWS Workspace can help you manage hardware inventory, operating system versions, updates, and patches. Organizations with employees working remotely from home can use AWS Workspace to deliver a desktop experience to those employees while ensuring the right set of policies is in place to protect their applications and data from misuse. Virtual desktops provisioned on AWS Workspace can be accessed from various devices, such as PCs, Macs, iPads, and Android tablets.
AWS Active Directory Services
AWS offers directory services that provide multiple ways to use Amazon Cloud Directory or Microsoft Active Directory for authentication alongside other AWS services. If you are moving your AWS dependent workloads, you will need access to AD domain controllers, also known as DCs. There are three primary services for Active Directory in AWS: AWS Managed Microsoft AD, Simple AD, and AD Connector. If you want to use AWS End User Computing services such as AWS Workspaces with your existing Active Directory credentials, you need to connect AWS Workspaces to your AD infrastructure. This can be achieved by using solutions like AWS Managed Microsoft AD and AD Connector. AWS Managed Microsoft AD is a managed service that makes it easy for organizations to migrate their AD-dependent applications to the AWS cloud. Because it is a managed service, it also takes away the pain of managing AD infrastructure: AWS does that work for you.
AWS AD Connector, on the other hand, is a proxy that lets you connect AWS services such as AWS Workspaces to your existing on-premises AD and use your existing on-premises AD identities without deploying AD infrastructure on the AWS cloud. AWS Simple AD is a managed directory powered by a Samba 4 Active Directory-compatible server and can be integrated with AWS Workspaces for user authentication.
Pre-Requisites:
- Basic to medium knowledge of AWS.
- Make sure you are in a region that supports both Workspaces and Simple AD.
- This is a paid service so there will be some cost incurred for this activity.
- There must be a VPC with a public subnet and two private subnets.
Step by Step Approach to Integrate Workspace with Simple AD
Step 1:
The first step is to log in to your AWS console. Once you are in your AWS account, check that the region supports both AWS Workspace and Simple AD. Go to AWS Workspaces and click Directories in the left panel. Click Setup Directory and choose Simple AD under Directory Types. Simple AD is available in two sizes, Large and Small; choose Small for this demo.
Enter your Organization Name and Directory DNS Name, making sure the DNS name is a fully qualified domain name (FQDN). The Directory NetBIOS name is optional; provide it if you want a short identifier for your domain.
Enter Administrator details for the admin users.
Step 2:
The next step is to choose the VPC in which you want this Workspace to be launched. Select a VPC and two private subnets from the drop-down. Click Next, review all the details, and create the directory.
Step 3:
Once you have created a directory in Simple AD, go to the Workspaces tab and click Launch a Workspace. Select the directory you created and click Next. The next page asks you to create users, so fill in the users' information and click Create Users. You can create multiple users as well.
Step 4:
The next step is to choose the Workspace bundle. We will choose one with a free tier for this demo.
Step 5:
The next step is to configure the Workspace, where you can specify the running mode. We will select Auto Stop, as it is a cost-effective option, and we will not encrypt the volumes in this demo.
Step 6:
Once you have created the Workspace and it is active, you will receive an email from AWS containing an activation link. Follow the link to activate your workspace and set up a password.
Once you have set up your account, you can download and launch the client or continue using the web console. The final page for the web console should look like this.
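Steps 1 to 5 above can also be expressed as API request parameters. The following is an added example, not part of the original walkthrough: it builds the dictionaries in the shape that boto3's `ds.create_directory` and `workspaces.create_workspaces` accept, and goes one step further by auditing `describe_workspaces`-shaped records for the unencrypted volumes the demo leaves behind. The function names and all identifiers in the sample data are assumptions made up for illustration.

```python
import re

# Hostname-style FQDN: dot-separated labels ending in an alphabetic TLD.
FQDN_RE = re.compile(
    r"^(?=.{1,255}$)(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}$"
)

def simple_ad_request(dns_name, password, vpc_id, subnet_ids, netbios=None):
    """Steps 1-2: keyword arguments in the shape of boto3 ds.create_directory()."""
    if not FQDN_RE.match(dns_name):
        raise ValueError(f"directory DNS name is not an FQDN: {dns_name!r}")
    if len(set(subnet_ids)) != 2:
        raise ValueError("exactly two distinct subnets are required")
    req = {
        "Name": dns_name,
        "Password": password,
        "Size": "Small",  # the size chosen in Step 1
        "VpcSettings": {"VpcId": vpc_id, "SubnetIds": list(subnet_ids)},
    }
    if netbios:  # optional short identifier for the domain
        req["ShortName"] = netbios
    return req

def workspace_request(directory_id, user_name, bundle_id, kms_key=None):
    """Steps 3-5: one entry for workspaces.create_workspaces(Workspaces=[...])."""
    ws = {
        "DirectoryId": directory_id,
        "UserName": user_name,
        "BundleId": bundle_id,
        "WorkspaceProperties": {"RunningMode": "AUTO_STOP"},
    }
    if kms_key:  # omitted in the demo, so both volumes stay unencrypted
        ws.update(VolumeEncryptionKey=kms_key,
                  RootVolumeEncryptionEnabled=True,
                  UserVolumeEncryptionEnabled=True)
    return ws

def unencrypted_volumes(workspaces):
    """Audit describe_workspaces()['Workspaces']-shaped dicts for unencrypted volumes."""
    flags = (("root", "RootVolumeEncryptionEnabled"), ("user", "UserVolumeEncryptionEnabled"))
    return [(ws["WorkspaceId"], vol)
            for ws in workspaces for vol, flag in flags if not ws.get(flag, False)]

# Constructed sample data; all identifiers are placeholders.
SAMPLE = [
    {"WorkspaceId": "ws-demo00001", "UserName": "alice",
     "WorkspaceProperties": {"RunningMode": "AUTO_STOP"}},
    {"WorkspaceId": "ws-demo00002", "UserName": "bob",
     "RootVolumeEncryptionEnabled": True, "UserVolumeEncryptionEnabled": True},
]
```

Passing a KMS key to `workspace_request` is the non-demo variant: it sets both encryption flags, and `unencrypted_volumes` then reports nothing for that WorkSpace.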