A number of other directory service providersĪppStream 2.0 also supports built-in user directory.AWS IAM Identity Centre (previously known as AWS SSO).This opens the door to many directory service providers, such as: The flexibility in directory servicesĪppStream 2.0 offers rich directory service options. This way, files can be transferred securely to the FSx shared storage, with the governance of an AWS managed Microsoft AD Domain Services. Innovative ways are there, such as having Amazon FSx in the organisation’s VPC connecting to AppStream 2.0, to provide the persistent storage of the home folders. And there are circumstances where users have found AppStream 2.0 handy.ĪppStream 2.0 allows two-way file transfer between the user’s local computer and the home folder. Of course, there are multiple ways to do this securely. Imagine a scenario in which a user would like to transfer a file from their local computer to a server/service located in their organisation’s AWS VPC. Many enterprise and government customers find the file transfer capability a nice feature of AppStream 2.0, compared to, say, Workspaces. The data is encrypted in transit (using S3 SSL endpoints) between the AppStream fleet and S3 and encrypted at rest in the bucket (using S3 managed encryption keys).ĪppStream 2.0 can also have other persistent storage through:īesides the above, using Amazon FSx is another option, which actually comes with interesting benefits, one of them being file transfer. This is because the contents in home folders are synced to an S3 bucket. One may wonder how a folder can survive when the environment itself is not there anymore after each session. If an AppStream user would like to keep some data/files permanently, their home folder is there for them to use. But it is common to have user data generated or imported.Įven though AppStream 2.0 sessions are non-persistent, the users’ home folders are. In typical AppStream 2.0 setups, users like to operate a number of applications – they do not need a full-blown virtual desktop. The home folder and file transfer capability Again, there are answers to such questions and considerations should always be examined for each scenario. There are also the aspects that the logs in non-persistent compute environments don’t persist either, which may raise questions when completing a compliance program. This is a good example of when a capable cloud service provider, that has taken the time to understand a customer’s environment and their business requirements, would get the best outcomes for the customer. Though please do note, each organisation’s settings, posture and context may be different when going through a compliance program – the fit for purpose of AppStream 2.0 as privileged admin desktops, or the fit for purpose of any given service, is to be examined in that particular context.ĪppStream 2.0 Desktop, an application in AppStream for example, is subject to further interpretation. In the settings of some enterprise and government customers, AppStream 2.0 could provide decent and convincing arguments for many compliance line items. Enterprise and government customers know too well the journey of going through those hundreds of line items with compliance assessors and the importance of proper interpretation of each control in the right context. Such considerations can be particularly relevant in security compliance programs. Some enterprise customers have found this useful when used as some type of privileged admin desktop for application and infrastructure support - where lock downs have been implemented and exposure surface minimised.Ĭommonly seen applications through AppStream privileged admin sessions include, but are not limited to: The virtual desktops are deleted after each respective session What a user can do in an AppStream session is pre-defined, and These virtual end-user compute sessions, powered in the backend by an elastic AppStream fleet and in a presenting form of an application streaming service, are torn down once the user sessions are completed. People call AppStream 2.0 a non-persistent ‘virtual desktop’ service. In this blog, I discuss several scenarios that saw AppStream 2.0 help some of my enterprise customers with their specific needs. After all, each customer may find different use cases for this flexible yet powerful AWS service. This blog is not a tutorial on AppStream 2.0. Other services in AWS EUC include Amazon WorkSpaces, Amazon WorkSpaces Web (not to be confused with WorkSpaces) and Amazon WorkDocs. It sits in the AWS End User Computing (EUC) business unit. Amazon AppStream 2.0 is a fully managed non-persistent application and desktop streaming service that provides users access to desktop applications from anywhere through HTML5 web clients.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |