© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

December 1, 2016

Building SaaS Offerings for Desktop

Apps with Amazon AppStreamSupreeth Sheshadri, AWS

Mats Westenius, AVEVA AB

CMP321

What to Expect from the Session

• Build your streaming SaaS

• Customer talk - AVEVA AB

• Working together

Our learnings from AppStream

• AppStream – SDK-based streaming engine

• Several gaps – app lifecycle, VPC access,

price/performance, DIY clients

• Customers wanted fully managed streaming platform

Fully managed application streaming service that provides

users instant access to their desktop applications

Desktop Application Streaming

Stream desktop applications securely

to any web browserPay-as-you-go Scale globally

Secure apps & dataRun Desktop Apps

in a Web Browser

Move desktop applications

to the cloud

Provide instant access

to apps from anywhereOffer tools to simplify

application streaming

Why Did We Build Amazon AppStream 2.0?

Business & Public Sector

Move desktop apps

to cloud with no re-write

ISVs Design & Engineering

Benefits: Instant-on Access to Desktop Apps

Instant start for desktop apps – like watching a video online

Benefits: Import Your Apps Without Re-writes

Import existing apps with no changes or re-write and start streaming

Benefits: Works With Your IT

Integrates with existing apps, identity, entitlements, and back-end

Benefits: Fully-Managed Service

No hardware or software to install, submit your apps and start streaming

One streaming instance per end user – no shared instances

Benefits: Consistent Scalable Performance

Build your own streaming SaaS - Example

• Online learning system

• 1000s of students

• Complement classroom education

• Students access desktop apps from web portal

Build your own streaming SaaS – Elements

Admin UsersStreaming

Technology

• Use multiple apps at the same time

• Clipboard, file upload/download, printing

• Audio and bandwidth controls

• Multiple storage options

• HTML5 browsers with no plug-ins

Simple User Experience

Simple user experience

Simple user experience

NICE DCV streaming protocol

• High fidelity visualization delivered to browsers

• HTTPS access via streaming gateways

• Adaptive and responsive streaming

• AES-256 encrypted

• Supports both 3D and non-graphics applications

Admin Experience

AWS Management Console Programmatic access – AWS SDK

Admin setup

1 2 3 4

Admin setup – import applications

• Use Image Builder via AWS Management

Console

• Install apps, test apps, and publish image

• Optimize app launch time and configure

app launch parameters

Admin setup – create image

• Microsoft Windows Server 2012 R2

• Image contains your apps

• Image is built using an Image Builder

• Use AWS Management Console

$> aws appstream describe-images

Admin setup – create fleet

• Auto-scaled instances – fixed/dynamic scaling

• Configurable instance type

• Non-persistent instances

• Running instances deliver instant-on connection

• Amazon VPC access

$> aws appstream create-fleet <instance type> <subnets> <image>

Admin setup – create stack

You can set up an Amazon AppStream

2.0 Stack to start streaming apps to

your users browsers.

Stack consists of a fleet of streaming

instances and user access policies and

configurations.

$> aws appstream create-stack <fleet>

Network config

On-premises

Public Internet

VPN

or

Direct Connect

Pixels - HTTPS

Identity/SAMLPixels - HTTPS

Streaming GatewayFleet

Utility/License/Database servers

Amazon AppStream 2.0 Network – 198.19.x

Customer/ISV VPC

172.X or 192.x or 10.x

Photon Built in

Storage

Private Network Access

HPC Cluster

Stack

Launch streaming application(s)

$> aws appstream create-streaming-url <stack> [app]

• Multiple instance types

• Graphics and non-graphics instance families

• Standard, Compute, Memory, and Graphics

• Non-graphics starting from 10 cents/hr

• Supports Elastic GPU

Features: Multiple Instance Types

• Pay per hour for running instances in your fleet

• Scaling policies and instance type choice optimize

cost

• Pay per unique user that connects in a month

• User fee waived for BYOL RDS CALs

AppStream 2.0 Pricing

AVEVA

The leading supplier of

engineering design and

information management

software solutions

Our Purpose

Our purpose is to power

Digital Assets that help

shape our world

Oil & Gas

Power & Utilities

Chemicals & Petrochemicals

Pulp & Paper

AEC & Infrastructure

Mining & Minerals

Fabrication

Marine

100% of

are AVEVA customersSource: IHS Energy 50

The top 10 global

energy companies

90% of

The top 10 global shipyards

are AVEVA customers

Source: Clarkson’s World Fleet Register

The Digital Asset – our Centre of Attention

AVEVA Everything 3D™ - an AVEVA Flagship

AVEVA’s Journey with Amazon AppStream

Started in 2014 with a PoC

AWS Blog

Amazon AppStream Now Available to All Developers

by Jeff Barr | on 12 MAR 2014

And so we …

• Built an Enablement Service

• Using Elastic Beanstalk

• Built a Windows client using the

provided SDK

• Created an Amazon AppStream ID

• Silent install of AVEVA E3D™

• Silent install of static Project Data

The Streaming Experience was

Great

PoC with 3 major Corporate Customers

With Support for Customer’s own shared project data

The Streaming Experience looks Great but…

If you cannot connect to your streaming application, make sure that your firewall allows traffic through TCP port 80 and 8080 and UDP ports 9070 through 9097

Unencrypted traffic

Port 80 – non standard web traffic

Significant range of UDP ports

No proxy support

No known gateway to lock down traffic to

Requirement to install client software

AVEVA’ Major Concerns

AVEVA Enablement Service

AWS VPCAVEVA Customer Project Data

IP range

All of us-east-1

SG open to

all of us-east-1

• Not possible to secure

access to project data

• The cost

AVEVA Experience – Using Amazon AppStream

Self-training site

Launched in July 2015

The Production Business Case

First

Subcontractor scenario

ACMESUBC

AVEVA Global

HUB

Streamed

AVEVA E3D™

Sessions

Account: ACME

First SUBC user access

within hours

ace@subc.com

bob@subc.com

cal@subc.com

dan@subc.comC SSC

AVEVA Global

Satellite

Client side

• No IT overhead

HTTPS to known gateway(s)

No client install

• High quality streaming

Dynamic

Cursor feedback

Clipboard local/remote

Restorable state

AVEVA’s Requirements on Amazon AppStream 2.0

Server & management side

• Secure access to project data

Launch in selected VPC

Launch in private subnet

• Programmatic access to

App – Fleet mgmnt

App lifecycle ctrl – hooks

Session launch

Session launch data

Automated AMI build

Users & GroupsPrivileges

AVEVA Connect

Services

Customer Account

Solutions

Environment

Other

Services

AVEVA Connect is a platform built

on Serverless Architecture for

publishing services and solutions.

The AVEVA Portal

Solutions

Environment

Digital Asset

Datasource

Configurations

Customizations

Multi-Discipline Digital Asset

Environment

Application

Solutions

Environment

Digital Asset

Datasource

Configurations

Customizations

Multi-Discipline Digital Asset

Environment

Application

Application

Streaming

User Access

Access to Solution

Environment ruled

by User Priviliges

Fleet selection and

parameters to pass

defined by Solution

Environment

Requirement: Session startup parameters

Must be possible to pass parameters at session launch

• Credentials to access the shared data sources

• Specification of the solution to launch

Project/asset

Configuration

Customisation package

Application

Public subnet Private subnet

Availability Zone

Customer VPC

Customer On-

Premises Data

Centre

On-premises to

AVEVA Connect

DB-link

Appstream 2.0 in the

private subnet with

access to the Digital

Asset Database

Designer accessing

the Solution

Environment through

a web browser

Demo

Try it now with no setup

Amazon AppStream 2.0 and your applications

• Enable license mobility

• Certify your applications

• Start trials, training, and SaaS environments

Amazon AppStream 2.0 Upcoming Features

• SAML integration for authentication

• Lifecycle hooks for streaming instances

• Built-in storage for users

• Stopped instance capacity

• Domain joined streaming instances

Thank you!

BAP204: Delivering desktop applications to any device anywhere with Amazon AppStream 2.0

CMP320: Delivering powerful graphics-intensive applications from the AWS Cloud

Remember to complete

your evaluations!