AWS Virtual Desktop - AWS Workspaces

With Terraform Deployment

Published Mar 2, 2024
Have you been wondering what AWS Workspaces is? Well, I am here to tell you: AWS Workspaces is a virtual desktop in the AWS cloud.
*What's VDI?*
Virtual desktop infrastructure (VDI) is the creation and management of desktop environments and applications that allow users to manage and access applications and services outside the office, in the office, or from a remote location.
There are two types of virtual desktop infrastructure deployment:
  • Persistent VDI deployment (personal)
  • Nonpersistent VDI deployment (pooled)
Microsoft Remote Desktop Services, also called Terminal servers, is where we deploy VDI or session hosts on our on-premises infrastructure, although there are other vendors such as Citrix, VMware and others.
Now let's talk about AWS.
AWS Workspaces is a Desktop-as-a-Service (DaaS) solution. It requires an organization to have Active Directory (AD) services for its desktops, just like Azure Virtual Desktop or Microsoft Remote Desktop Services VDI.
Key things to note when deploying AWS workspaces:
You have the option to deploy two subnets in different Availability Zones: two private subnets or two public subnets.
You have to choose one of the directory types:
  • AWS Managed Microsoft AD
  • Simple AD
  • AD Connector
VPC settings:
It's best practice to deploy your directory service in a private subnet.
You can create a VPC with two private subnets for your Workspaces and a NAT gateway in a public subnet.
Alternatively, you can create a VPC with two public subnets for your Workspaces and associate an Elastic IP address with each Workspace.
N.B.: The subnets must reside in different Availability Zones.
Amazon Workspaces supports two protocols: PCoIP and WSP.
  • Creates an IAM role to allow the Workspaces service to create elastic network interfaces and list your Workspaces directories.
  • Creates a virtual private cloud (VPC).
  • Sets up a Simple AD directory in the VPC and enables it for Amazon WorkDocs. This Simple AD directory is used to store user and Workspace information.
  • Creates the specified AWS accounts and adds them to the directory.
  • Creates Workspaces. Each Workspace receives a public IP address to provide internet access.
  • Sends invitation emails to the specified users.
The script link is posted below and on GitHub; you can also edit and add to it, as it is open.
There are different steps to deploy AWS Workspaces.
You can make use of Terraform or the AWS console.
In this exercise, we deployed Workspaces using Terraform.
Step 1: Create the .tf files.
Step 2: Define the Provider and profile.
Step 3: Create the Network (VPC, Subnets, etc.)
Step 4: Deploy AWS Directory Service
Step 5: Update the DHCP Options in the VPC to Use AWS Directory Service DNS Servers
Step 6: Create an IAM role for Workspaces.
Step 7: Create an AWS Workspaces Directory
Step 8: Define the Amazon Workspaces Bundle (note: differs by region)
Step 9: Deploy an Amazon Workspace
Step 10: Execute the Terraform command to initialize the working directory.
Step 11: Apply the changes & verify the resources.
Step 12: Destroy all resources (optional)
Download the files from GitHub and deploy with Terraform.
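Steps 4 and 7 to 9 for the private-subnet layout described above, as an added example that is not taken from the author's GitHub files. The variable names and the domain name are assumptions, the VPC and subnets from step 3 are passed in as variables, and the `workspaces_DefaultRole` IAM role from step 6 is assumed to exist already.

```hcl
# Added example, not the author's GitHub files. Variable names are hypothetical.
variable "vpc_id" { type = string }
variable "private_subnet_ids" { type = list(string) } # two subnets, different AZs
variable "bundle_name" { type = string }              # differs by region
variable "user_name" { type = string }                # must already exist in the directory
variable "directory_password" {
  type      = string
  sensitive = true # hidden in plan output, but still written to state
}

# Step 4: directory service in the private subnets.
resource "aws_directory_service_directory" "main" {
  name     = "corp.example.internal" # constructed domain name
  password = var.directory_password
  type     = "SimpleAD"
  size     = "Small"
  vpc_settings {
    vpc_id     = var.vpc_id
    subnet_ids = var.private_subnet_ids
  }
}

# Step 7: register the directory with WorkSpaces. Internet access is off because
# egress goes through the NAT gateway, so no WorkSpace gets a public IP.
resource "aws_workspaces_directory" "main" {
  directory_id = aws_directory_service_directory.main.id
  subnet_ids   = var.private_subnet_ids
  workspace_creation_properties {
    enable_internet_access              = false
    user_enabled_as_local_administrator = false
  }
}

# Step 8: look up the Amazon-owned bundle by name.
data "aws_workspaces_bundle" "selected" {
  owner = "AMAZON"
  name  = var.bundle_name
}

# Step 9: one WorkSpace with both volumes encrypted under the AWS managed key.
resource "aws_workspaces_workspace" "user" {
  directory_id                   = aws_workspaces_directory.main.id
  bundle_id                      = data.aws_workspaces_bundle.selected.id
  user_name                      = var.user_name
  root_volume_encryption_enabled = true
  user_volume_encryption_enabled = true
  volume_encryption_key          = "alias/aws/workspaces"
}
```

Because the directory password ends up in Terraform state even when the variable is marked sensitive, the state backend needs encryption and restricted access.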
NOTE: There will be a part 2, as I noticed I was not able to create more users using AWS Managed Directory or Simple AD. I will work with other AWS community builders and update on GitHub with a blog.
I wish you all the best and am very much open to feedback.