Amazon Workspaces

What is Amazon WorkSpace?

Amazon WorkSpaces is a fully managed desktop virtualization service that enables you to connect to and access your desktop software securely, reliably, and quickly from on-premises or an external network. In addition, it is a tool that helps an IT administrator to provide end-user access to cloud applications, services, resources, or documents on different types of devices within a virtualized desktop. ::: section{.tip} Desktop Virtualization is the concept of creating a virtual machine, which acts like a desktop computer.

Why Do We Use Amazon WorkSpace?

Most employees in an organization don't need or use today's laptops' "massive" computing capabilities. For example, consider the executive assistant or managers who spend their days processing emails, creating documents, and doing web searches to support their work assignments or manage their employees. Even some developers don't need computing power on their desks.

The truth is that the vast majority of computing hardware deployed in an organization today is capable of far more than what the average employee uses. Even software developers who spend most of their time writing code use build systems that are not local to their workstations.

Amazon WorkSpace helps to facilitate remote work and allows running desktops with specifications as per need reducing the overall cost.

Amazon WorkSpace Features

Features provided by Amazon WorkSpaces are:

Virtual Desktop :

• Amazon Workspace provides a virtual desktop via the cloud, eliminating the upfront costs and the need to manage the desktop because AWS fully manages it.
• It will be a cost-effective, user-friendly, and broadly accessible desktop experience for the users.

Amazon WorkSpaces Bundles

• To start with Amazon WorkSpace, we can choose from various hardware configurations, software configurations, and AWS Regions.
• Amazon Workspace provides us with an additional bundle of software pre-installed, including Microsoft Office, Trend Micro Worry-Free Business Security Services, and a utility bundle. In addition, we can choose from various bundles, including Value, Standard, Performance, Power, PowerPro, Graphics, and GraphicsPro, to launch the workspace.
• We can also create a custom image of the WorkSpace and make our own installed software bundle.

Streaming Protocols

• To provide users with a secure and high-quality experience, Amazon Workspace utilizes streaming protocols.
• It supports two protocols: PC-over-IP (PCoIP) or WorkSpaces Streaming Protocol (WSP).
• These protocols analyze the hosted desktop, along with the network, and the user's device.
• It selects compression and decompression algorithms (codecs) that encode a rendering of the user's desktop and transmit it to the user's device as a pixel stream.
• The protocol we choose depends on different factors, like how the users access their workspace from other devices. In addition, it also depends on the operating system the workspace is using, which network conditions the users face, and whether your users require bidirectional video support.

Easy Provisioning

• Provisioning desktops in Amazon WorkSpaces is very easy; we have to choose bundles that best suit the requirements and the number of workspaces we would like to launch.
• Once the workspace is provisioned, the user gets an email providing instructions on where to download the workspace client applications they need and how to connect to it.
• When we no longer need any WorkSpace, we can quickly delete it.

Accessible from Desktop, Mobile, and Web

• With the help of the Amazon WorkSpaces client application, we can access Amazon WorkSpaces from Windows and Mac computers, Chromebooks, iPads, Fire tablets, and Android tablets.
• It can also be accessed using supported web browsers (Chrome, Firefox, etc.) without downloadingoad a client application.
• The Amazon WorkSpaces client applications for different devices (Windows, Mac, Chromebooks, iPads, Fire tablets, and Android tablets) provide various features according to the need of that device.

Amazon WorkSpace Benefits

Benefits provided by Amazon WorkSpaces are:

1. Secure Cloud Desktops

• The user's data are not stored on a local device which e, which eliminatesnating of stealing user data for unauthorized access. In addition, AWS also provides Key Management Services (KMS). The KMS key is used to encrypt, decrypt, and re-encrypt data.
• Amazon WorkSpaces havehasedicated VPC (Virtual Private Cloud), which provides each user with encrypted and secure access to store volumes in the cloud.

2. Variable Cost Model

• Amazon Workspaces provide Compute, Storage, Memory, and Database resources as per the user's performance needs.
• Only pay for what is being consumed - if we need more resources, we can expand and scale out; if we need less, we can reduce the resources at any time, and there is no upfront cost.

3. Simple to Deploy & Manage

• Amazon Workspace provides the benefit of simple deployment and management when needed.
• Deployment and management can be done through the AWS Management Console or programmatically using AWS CLI.

4. Scalable & Performant

• Amazon Workspace provides a scalable and performant solution.
• The number of Amazon Workspaces running can be increased when demand increases and decreased when not needed providing huge scalability.
• It provides a wide array of workspace bundles that users can use. The users can also select a mix of different options when needed.

Architecture

Let's talk about the Architecture of Amazon Workspace.

The following figure describes the architecture of Amazon WorkSpaces.

• Each WorkSpace is associated with a VPC and a directory to store and manage information for the WorkSpaces and users.
• Directories are managed through the AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD.
• Users can access the workspace using a client application from a supported device and log in using their directory credentials.
• The authentication gateway gets the login information, which forwards the traffic to the directory for WorkSpace.
• Client applications use HTTPS over port 443 for all authentication and session-related information.
• In addition, it uses port 4172 PC-over-IP (PCoIP) and port 4195 WorkSpaces Streaming Protocol (WSP) for pixel streaming to the WorkSpace. Both these ports are also used for network health checks.
• Each WorkSpace has two elastic network interfaces: a network interface for management and streaming (eth0) and a primary network interface (eth1).
• The IP address of the primary network interface is provided by the VPC to ensure that traffic from the WorkSpace can easily reach the directory.
• Access to resources in the VPC is controlled by the security groups assigned to the primary network interface.

User Requirements

At the user's end, the requirements to work with Amazon Workspace are:

• Internet connection with open ports of TCP and UDP (Port 4172 and 4195).
• Users have to download a free Amazon WorkSpaces client application for their devices.

Creating an Amazon WorkSpace

It includes the following steps:

1. Login into the AWS account.
   • Search WorkSpaces from the services of AWS.
   • Click on the Get Started Now button.
   • Click on Quick Setup (for launching WorkSpaces for individuals or small groups) or you can go for Advance Setup to launch the workspace using on-premise and existing VPC.
2. Choose the required operating system bundle as per the user's need.
   • Choose a free tier to avoid charges.
   • Enter the user details and proceed with Launch WorkSpaces.
   • Click on View the WorkSpaces Console.
   • Wait until the status of your WorkSpace changes from Pending to Available.

Our Amazon Workspace has been successfully launched.

Downloading and Connecting to Amazon WorkSpace

It includes the following steps:

1. After the Amazon WorkSpace turns Available, an email is received.

   • Click on to link and update your profile by providing a new password.

   • Download clients for additional devices, and choose according to the device you use.

2. Click on Download and save it. Now run the saved file and install the software. Amazon WorkSpaces icon appears on the desktop.

3. After the installation, open the Amazon WorkSpaces icon and enter the registration code, which is available in the email from AWS.

   • Enter the Username and Password and click on Sign in.
   • Wait until the WorkSpace Client launches the desktop.

Amazon Workspace has been successfully connected.

Deleting an Amazon WorkSpace

It includes the following steps:

1. Select WorkSpace to delete, click on Actions, and proceed with Remove WorkSpaces.
   • After clicking on it, you get a notification. Click on Remove Workspaces.

• The removal process may take up to 5 minutes.

2. Wait till it terminates the WorkSpace and that WorkSpace doesn't exist anymore.

Now we can see our Amazon Workspace is not visible on the console. Hence, it has been successfully deleted.

Pricing

We can get started with WorkSpaces for free using the WorkSpaces free tier offer.

• Under the free tier, Amazon WorkSpaces provides two Standard bundles WorkSpaces with 80 GB Root and 50 GB User volumes. These workspaces run in AutoStop mode, for up to 40 hours of combined use per month. This is valid only for the first three billing cycles.

We have to pay only for what we use. Amazon Workspace is charged based on the bundle and the number of WorkSpaces launched.

AWS provides monthly or hourly billing for WorkSpaces.

• Under monthly billing, you need to pay a fixed monthly fee and get unlimited usage during the month. This works best if you are working full-time on Amazon WorkSpaces.
• Under hourly billing, you need to pay a small fixed monthly fee for each workspace which covers infrastructure and storage costs depending on use. An hourly rate is charged for each hour the workspace is used within the month. It works best for part-time workers or small projects.

Various other factors affect the pricing for Amazon WorkSpaces, primarily regions, OS types, and machine specifications.

It does not involve any additional cost if we use the default set of applications for Amazon Worskpace.