DEV Community

Deploy Amazon Workspaces using Service Catalog

In this post we are going to discuss about Amazon Workspaces and how you can automate the deployment.

But first let's have a brief introduction about that service.

Amazon WorkSpaces is a cloud-based virtual desktop service that allows you to provision virtual desktops in the cloud and access them from anywhere. It provides a fully managed, secure, and scalable desktop computing environment without the need for you to manage any hardware or software and you can access the desktop from any supported device.

WorkSpaces requirements

In order to deploy Amazon Workspaces a few things need to be in place.

  • Active Directory to authenticate users and provide access to their WorkSpace. This can be AWS Managed Microsoft AD or On-premises AD. Or you can use an AWS AD Connector that will act as a proxy service for an existing Active Directory. If you're using AWS Managed Microsoft AD or Simple AD, your directory can be in a dedicated private subnet, as long as the directory has access to the VPC where the WorkSpaces are located. (To allow WorkSpaces to use an existing AWS Directory Service, you must first register it with WorkSpaces. After you register a directory, you can start launching WorkSpaces.)
  • VPC You’ll need a minimum of two subnets for an Amazon WorkSpaces deployment because each AWS Directory Service construct requires two subnets in a multi-AZ deployment.

For more details about the requirements and deployments scenarios, you may refer to this link:

Best Practices for Deploying Amazon WorkSpaces

Assumptions

In this guide we are going to focus on Automating the Workspaces deployment and AD configuration is out of scope. We are going to consider that AD and users are already configured.

Directory Registration

The first step is to register the Directory in Amazon Workspaces.
In the AWS Console click on Workspaces and then Directories, on the left.
Select your Directory, Click on Actions and then Register

Image description

Now, you have to select 2 subnets in your Workspaces VPC and click on Register again.
Image description
The Directory Registration process has begun and few minutes later the Registered status will be shown as True.

Image description

Service Catalog Configuration

Clone the following Github repo to your PC.
Amazon Workspaces.
It contains 2 files:

  1. workspaces.yaml
  2. sc-workspaces.yaml
  • Update the required values in workspaces.yaml (pDirectory, pUsername, pEncryptionKey, pWorkstationType) and then upload it, in your artefacts bucket (or a S3 bucket of your choice)
  • Update sc-workspaces.yaml with the S3 URL for that file
  • In AWS console, navigate to Cloudformation and deploy sc-workspaces.yaml

When deployment is complete, you are going to have a new Portfolio and Product in the Service Catalog.
Image description

Service Catalog Portfolio

Workspaces Deployment

Now you are ready to deploy your first Workspace by using SC.
Under Products, select Workspaces and lick on Launch Product
Service Catalog Workspaces Product

Select your product version (There will be just one. More will be visible if you update the CF template in the future)

Image description
Fill any required values and click Launch Product
(In WorkSpace User field enter the AD username of the Workspace owner. That user must exist in AD)
Image description

Image description

In the next screen you can now see that Service catalog has started provisioning your Workspace.

Image description

You can also check the progress in Cloudformation
Image description

Wait for a few minutes and then in AWS Console, click on Workspaces. Your newly provisioned workspace will now be visible

Amazon Workspaces

Click on the workspace to view it's details and take a note of the Registration Code, as you are going to need it at the next step
Image description

Connect to your Workspace

Now enter the AD Username and Password and click on Sign In
Image description

You have now successfully logged in your Amazon Workspace
Image description

Terminate your Workspace

  • In Service Catalog click on Provisioned Products.
  • Select the Workspace that you want to Terminate
  • Click on Actions and select Terminate

Terminate Amazon Workspaces

Top comments (2)

Collapse
 
johner97 profile image
Johner97

really great post

Collapse
 
garryhammack profile image
Info Comment hidden by post author - thread only accessible via permalink
Danny Acton

Data governance involves the management and control of an organization's data assets, ensuring their quality, security, compliance, and effective use across the organization and use papersessays.com/ site for quality work. Amazon DataZone is a service offered by AWS that helps organizations establish and enforce data governance policies, monitor data usage, and maintain data quality.

Some comments have been hidden by the post's author - find out more