AWS WorkSpaces

AWS WorkSpaces, or how can I provision 100s of desktops and apps automagically for the hordes working remotely, without losing (much of) my sanity...

Table of Contents

Intro

AWS WorkSpaces = Desktop + apps in the cloud, aka VDI. Shortest. Intro. Ever.

Business case

It basically writes itself - now that everyone and their dog (pun intended) works remotely, you've got to find a way to scale operations and enable staff to do their respective jobs from home.

Here's what you get (non-exhaustive list):

  • Pervasive access to your desktop (no vpn needed) with all of the apps you need.
  • Continuity - when you disconnect and log back in you can pick up from where you've left off - it is like closing the lid on your laptop.
  • Scalability - quickly provision and de-provision desktops as needed. Especially handy when working with vendors on projects for temporary access.
  • BYOD (because good luck buyng a laptop now). You also avoid the overhead and complexity of the logistics of buying, shipping and tracking assets.
  • Security  - data is not stored locallly.
  • Flexibility - can instantly change WorkSpace type and even allow employees to do so themselves, since we all know that they will be fiscally responsible stewards, for the more adventurous and flush with cash companies 😆
    Change Compute Type
    Put your caption here

Experiment(s)

Most other blogs cover the general use cases and WorkSpaces by itself exceedingly well. Here's what I think are some winning strategies for deployment:

Ultimate stack:

Thin/Zero clients + AWS WorkSpaces + AWS WorkSpaces Manager + Workdocs. Let's unpack. 

  • Thin & Zero Clients - they are inexpensive & inherently more secure by virtue of not having any local storage. Just point it to the AWS Broker and go. Here's how. 
Dell Wyse 5040 ThinOS running AWS WorkSpaces
Dell Wyse 5040 All in One Thin Client, running ThinOS, connected to AWS WorkSpaces
  • Gotchas:
    • Dell (and perhaps other vendors also) offers thin clients with and without PCoIP - buy the model(s) with PCoIP. Thank me later. 
    • If you are trying to deploy an application via WorkSpaces Manager and you are  not seeing the Amazon WAM Client shortcut on your desktop and nothing happens, as was my case, do this while remoted into your WorkSpaces:

      1. On the Windows Start menu, choose Windows System, then choose Command Prompt.
      2. In the Command Prompt window, enter the following commands, one at a time, and press Enter after each command:

      c:
      cd "Program Files\Amazon"C:\Program Files\Amazon>WorkSpacesApplicationManager.exe

  • AWS WorkSpaces Manager - you can provision free and paid applications to your WorkSpaces users and groups, and publish them as either mandatory or optional. Beyond the ones you can find on the AWS Marketplace, you can also roll your own. It does have some prerequisites  - you have to spin up an EC2 instance that is configured for packaging Amazon WAM applications, and yes, you will be charged for the resources and bandwidth in true Amazon fashion. 
  • Workdocs - cloud storage for your files + collaboration. If you've used Box, OneDrive, Google drive, etc. you will be at home with Workdocs. The nice thing is that Workdocs is free when used in conjunction wiht WorkSpaces.

What if you want videoconferencing

$200 and four weeks after you've placed an order for a webcam (that used to cost less than $50), you naturally would like to flex like the bougie person that you are. Unfortunately with the standard WorkSpaces offering there is no support for webcam redirection. You need to switch to the new, currently in beta client, which uses the Workspace Streaming Protocol (WSP) removing that limitation. You will need to 1) either spin up a new workspace with WSP, or migrate your existing one (which you shouldn't do if you are using it in production), and 2) download the beta WSP client. 

Some visuals:

Migrate WorkSpaces
You can migrate your WorkSpace to support WSP
AWS WorkSpaces WSP client
AWS WorkSpaces WSP client (beta) - notice the new icon
Webcam using AWS WorkSpaces Beta WSP
Yes, I put on the jacket specifically for this post

 Alternatives

There is Windows Virtual Desktop (WVD). It is a pretty solid contender and honestly, IMHO, for entities that already own Windows 10 Enterprise subscription and Microsoft 365, cost savings alone will justify Azure and WVD. In addition to that, unlike AWS WS which really is MS Server 2016 with desktop experience, WVD offers true Window 10 desktop.  It also offers Windows 10 multi-session - think RDS but you don't need a server and a corresponding CAL, unlocking further cost savings. Teams A/V redirection also seems to be baked in. 

Resources

 From AWS:

Other sources:

You should also read: