(SDD420) Amazon WorkSpaces: Advanced Topics and Deep Dive | AWS re:Invent 2014
40
November 13, 2014 | Las Vegas, NV Eric Schultze, Principal Product Manager, AWS Deepak Suryanarayanan, Sr. Product Manager, AWS
-
Upload
amazon-web-services -
Category
Technology
-
view
411 -
download
0
description
Amazon WorkSpaces is an enterprise desktop computing service in the cloud. In this session, we dive deep into configuration, administration, and advanced networking topics for WorkSpaces. We also discuss integration of WorkSpaces to your corporate active directory and best practices for enabling your WorkSpaces to access resources on your corporate intranet.
Transcript of (SDD420) Amazon WorkSpaces: Advanced Topics and Deep Dive | AWS re:Invent 2014
November 13, 2014 | Las Vegas, NV
Eric Schultze, Principal Product Manager, AWS
Deepak Suryanarayanan, Sr. Product Manager, AWS
internal.exampleco.com
INTERNAL_MAIN_OU
Domain Controllers Users
Engineering
Management
Sales
Workstations
AmazonWorkSpaces
Desktops
Direction Protocol Port Range Source
Inbound TCP 53 172.16.0.0/16
Inbound TCP 88 172.16.0.0/16
Inbound TCP 135 172.16.0.0/16
Inbound TCP 389 172.16.0.0/16
Inbound TCP 445 172.16.0.0/16
Inbound TCP 464 172.16.0.0/16
Inbound TCP 636 172.16.0.0/16
Inbound TCP 1024-65535 172.16.0.0/16
Inbound UDP 53 172.16.0.0/16
Inbound UDP 88 172.16.0.0/16
Inbound UDP 123 172.16.0.0/16
Inbound UDP 138 172.16.0.0/16
Inbound UDP 389 172.16.0.0/16
Inbound UDP 445 172.16.0.0/16
Inbound UDP 464 172.16.0.0/16
Inbound UDP 1812 172.16.0.0/16
Example Co
Corp Network
10.31.0.0/16
WorkSpace
VPC 172.16.0.0/16
Example Co.
AD
Connector
ENI
ENI
VPN
Connection
Active
Directory
Custom Images with Amazon WorkSpaces
Custom Images with Amazon WorkSpaces
Custom Bundle with Amazon WorkSpaces
base-image-11-13-
2014
Standard-base-
bundle
Image name:
base-image-11-13-
2014
Custom Images with Amazon WorkSpaces
Custom Images with Amazon WorkSpaces -
Lifecycle
Example-Co-base-12-13-2014
Custom Bundle with Amazon WorkSpaces –
Lifecycle
Standard-base-bundle
Example-Co-base-12-13-
2014
Example-Co-base-12-13-
2014
Standard-base-bundle
Example-Co-base-11-13-2014
1. Identify your closest AWS region (use cloudping.info)
2. Build one custom image – use with different Bundles and Directories
3. Billing is monthly, not hourly
4. Use MFA
5. WorkSpace Rebuilds use latest image associated with the bundle,
plus D drive backup from the last 12 hours
6. Use multiple AD Connectors against the same Active Directory
(one for pre-production, one for production)
7. No data transfer charge for inbound data transfer to your WorkSpaces
(ex. web browsing, etc)
8. Use the EXACT printer driver
9. Watch for expiring AD Connector account password
10. Use policy file to control remoting features: C:\Program Files (x86)\Teradici\PCoIP
Agent\configuration\pcoip.adm
![AWS re:Invent 2016: [JK REPEAT] Deep Dive on Amazon EC2 Instances, Featuring Performance Optimization Best Practices (JKT301)](https://static.fdocuments.in/doc/165x107/586fb4391a28abe57d8b7093/aws-reinvent-2016-jk-repeat-deep-dive-on-amazon-ec2-instances-featuring.jpg)
