Amazon WorkSpaces

Amazon WorkSpaces is an Amazon Web Services tool that enables an IT administrator to give end users access to cloud applications, services, resources or documents on different types of devices within a virtualized desktop. AWS manages the infrastructure for the desktop as a service, which can remove the complexity, high cost and security vulnerabilities of managing an on-premises system.

An IT team provisions Amazon WorkSpaces through the AWS Management Console, and an end user connects to a WorkSpace with the client application from a range of supported devices, including laptops, desktops and tablets. An administrator assigns each end user to a WorkSpaces bundle, which defines a combination of compute, storage and application resources. In each region, the administrator can create up to five images -- software, OS and settings -- from each WorkSpaces bundle of images and hardware.

The Amazon WorkSpaces Application Manager (Amazon WAM) delivers containerized desktop applications. Amazon WAM can accelerate software deployment and upgrades by packaging Windows apps into virtualized containers that run similarly to natively installed apps. The Amazon WAM Studio packages applications and the Amazon WAM Player validates those applications. An administrator can assign up to 50 applications to each end user.

Amazon WorkSpaces runs on Windows 7; a business can run Windows 10 on physically dedicated hardware if it brings its own Windows Desktop license to the cloud. If an enterprise does not bring its own license, AWS imposes a monthly charge. A developer imports the Windows desktop image, which runs in an Amazon Machine Image.

An administrator can set up credentials for end users or integrate Amazon WorkSpaces with Microsoft Active Directory to collect existing user credentials. If the admin does not set up Active Directory integration, the end user must enter a password during his or her first sign-on. The service supports AWS Identity and Access Management and multi-factor authentication. The service also supports root- and user-volume encryption, and uses Elastic Block Store volumes that can be encrypted to protect data at rest, disk I/O to the volume and snapshots. Amazon WorkSpaces integrates with AWS Key Management Service to enable an administrator to manage encryption keys. For additional protection, an administrator can install third-party anti-virus software on user WorkSpaces.

Amazon WorkSpaces requires a four-hour maintenance window, which every Sunday morning from midnight to 4 a.m. in the time zone native to a particular region.

A business can choose to either pay for Amazon WorkSpaces on an hourly or monthly basis. The AWS customer is billed for each WorkSpace launched.

This was last updated in October 2016

Continue Reading About Amazon WorkSpaces

Dig Deeper on AWS infrastructure