Uncategorized

Every WorkSpace is linked to the specific Amazon VPC and AWS Directory Service construct that was utilized to create it. Each AWS Directory Service construct (Simple AD, AD Connector, and Microsoft AD) needs two subnets, in different Availability Zones (AZs), to function. Once created, these subnets are permanently tied to a Directory Service construct and cannot be altered. Hence, it’s crucial to determine the appropriate subnet sizes prior to creating the Directory Services construct.

While creating the subnets, consider:

• The number of WorkSpaces required over time
• The projected growth
• The types of users to accommodate
• The number of AD domains to connect
• The location of your enterprise accounts

Amazon suggests establishing user groups, or personas, based on access type and user authentication requirements as part of your planning. These insights can assist in restricting access to specific applications or resources. User personas can guide segmentation and restriction of access using AWS Directory Service, network access control lists, routing tables, and VPC security groups.

Each AWS Directory Service construct employs two subnets and applies uniform settings to all WorkSpaces launched from that construct. For instance, a security group attached to an AD Connector could dictate whether Multi-Factor Authentication (MFA) is necessary or whether an end-user can have local admin access on their WorkSpace.

Remember that each AD Connector links to your existing Enterprise Microsoft AD. To specify an Organizational Unit (OU) and leverage this capability, your Directory Service must be constructed with your user personas in mind.

Amazon WorkSpaces employs two protocols: PCoIP and WorkSpaces Streaming Protocol (WSP). The selection of the protocol is influenced by various factors such as the devices from which users will access their WorkSpaces, the operating system of your WorkSpaces, the network conditions that users will encounter, and the need for bidirectional video support.

PCoIP should be utilized under the following circumstances:

• When using iPad or Android Linux clients.
• When employing Teradici zero client devices.
• When GPU-based bundles (like Graphics.g4dn, GraphicsPro.g4dn, Graphics, or GraphicsPro) are required.
• When a Linux bundle is needed for non-smart card use cases.
• When using WorkSpaces in the China (Ningxia) Region.

WSP is recommended in these situations:

• When there is a requirement for greater tolerance for loss/latency to accommodate your end user network conditions, such as when users access their WorkSpaces across global distances or through unreliable networks.
• When users need to authenticate with smart cards or use smart cards within a session.
• When in-session webcam support capabilities are necessary.
• When using Web Access with the Windows Server 2019-powered WorkSpaces bundle.
• When using Ubuntu WorkSpaces.
• When using Windows 11 BYOL WorkSpaces.

It’s important to note that a directory can contain a combination of PCoIP and WSP WorkSpaces. A user can have both a PCoIP and a WSP WorkSpace, provided the two WorkSpaces are in separate directories. The same user cannot have a PCoIP and a WSP WorkSpace in the same directory. Further information about creating multiple WorkSpaces for a user can be found in the “Create multiple WorkSpaces for a user” section.

WorkSpaces migration feature can be used to switch a WorkSpace between the two protocols, but this requires a rebuild of the WorkSpace. For more details, refer to the “Migrate a WorkSpace” section.

If your WorkSpace was created with PCoIP bundles, you can change the streaming protocol to switch between the two protocols without needing a rebuild, while keeping the root volume intact. More information can be found in the “Modify protocols” section.

For optimal video conferencing experience, the use of Power or PowerPro bundles is recommended.

https://docs.aws.amazon.com/workspaces/latest/adminguide/amazon-workspaces-protocols.html

https://66bd1a77-d949-4e83-aca3-34293141798c.workspaces-web.com

https://azchesscentral.okta.com/home/azchesscentral_amazonworkspaceswebto1912_1/0oaslse6mxfoaoWOH357/alnslsy4l8lpsMMJ8357

Welcome to tokeshi.com! This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you visit and interact with our website. By accessing or using our website, you agree to the terms of this Privacy Policy. If you do not agree with any part of this Policy, please refrain from using our website.

1. Information We Collect

1.1. Personal Information: When you visit our website, we may collect personal information that you voluntarily provide, such as your name and email address when submitting a contact form or subscribing to our newsletter. We only collect personal information that is necessary for the purposes outlined in this Policy.

1.2. Non-Personal Information: We may also collect non-personal information, such as your IP address, browser type, device information, and usage statistics. This information is used to analyze trends, administer the website, and improve user experience.

2. Use of Information

2.1. We use the collected information for the following purposes:

a) To provide and personalize our website’s content and services.

b) To communicate with you, respond to inquiries, and provide updates.

c) To improve our website, products, and services based on your feedback.

d) To send promotional emails or newsletters with your consent, which you can opt out of at any time.

e) To ensure the security and integrity of our website and protect against unauthorized access or misuse.

3. Disclosure of Information

3.1. We may disclose your personal information to third parties in the following cases:

a) Service Providers: We may share your information with trusted service providers who assist us in operating our website and delivering services to you, such as hosting providers or email service providers. These third parties are contractually obligated to handle your information securely and in accordance with applicable laws.

b) Legal Compliance: We may disclose your information if required by law or in response to valid legal requests, such as subpoenas or court orders.

c) Protection of Rights: We may disclose your information to protect our rights, enforce our Terms of Service, or investigate potential violations or fraudulent activities.

4. Data Security

4.1. We implement reasonable security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

5. Third-Party Links and Services

5.1. Our website may contain links to third-party websites or services that are not owned or controlled by us. We do not assume any responsibility for the privacy practices, content, or actions of these third-party websites or services. We encourage you to review their respective privacy policies before providing any personal information.

6. Children’s Privacy

6.1. Our website is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided personal information to us, please contact us, and we will promptly remove the information from our records.

7. Changes to this Privacy Policy

7.1. We reserve the right to modify or update this Privacy Policy at any time without prior notice. The updated Privacy Policy will be effective upon posting on our website. We encourage you to review this Policy periodically for any changes. Your continued use of our website after the posting of any modifications constitutes your acceptance of the revised Privacy Policy.

8. Contact Us

8.1. If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at privacy@tokeshi.com.

To use CloudFormation to create an Amazon WorkSpaces instance, you can follow these steps:1. Create a CloudFormation template: You can create a CloudFormation template in JSON or YAML format. The template should include the necessary resources to create an Amazon WorkSpaces instance, such as the WorkSpaces directory, WorkSpaces subnet, and WorkSpaces bundle.2. Define the WorkSpaces directory: In the CloudFormation template, you need to define the WorkSpaces directory. This includes specifying the directory name,

Resources:
MyWorkspace:
Type: AWS::WorkSpaces::Workspace
Properties:
BundleId: bundle-id
DirectoryId: directory-id
UserName: user-name
RootVolumeEncryptionEnabled: true/false
UserVolumeEncryptionEnabled: true

To list all instances in the AWS CLI, you can use the aws ec2 describe-instances command. Here’s an example:

aws ec2 describe-instances

This will return a list of all instances in your default region, along with their details such as instance ID, instance type, status, and more.

If you want to filter the results based on certain criteria, you can use various filters with the --filters option. For example, if you only want to list instances with a specific tag, you can use the following command:aws ec2 describe-instances --filters "Name=tag:Name,Values=my-instance"

This will only return instances that have a tag named “Name” with a value of “my-instance”. You can modify the filter to suit your needs.

Note that you’ll need to have the appropriate permissions to run this command. If you encounter any issues, check your IAM user’s permissions or consult with your AWS administrator.

To only get the output of just instance IDs in the AWS CLI, you can use the --query parameter with a JMESPath expression. Here’s an example command:

aws ec2 describe-instances --query 'Reservations[].Instances[].InstanceId' --output text

This command uses a JMESPath expression to query the InstanceId attribute of each instance and return only that value. The --output parameter is set to text to ensure that the output is in plain text format.

The result will be a list of instance IDs.

Remember that you can run was CLI commands at the bottom of the console by enabling CloudShell.

To install Terraform on a Mac, you can follow these steps:

Option 1

Use Brew

brew tap hashicorp/tap
brew install hashicorp/tap/terraform

Option 2

Download the Terraform package: Go to the Terraform downloads page at https://www.terraform.io/downloads.html and download the package for your Mac. You can choose between a 32-bit or 64-bit version.

Unzip the package: Once you download the package, unzip it to a directory of your choice. You can use the following command in the terminal:

unzip terraform__darwin_amd64.zip

Replace with the version number of the package you downloaded.

Move the binary to a directory in your PATH: Once you unzip the package, move the Terraform binary to a directory in your PATH. You can use the following command in the terminal:

sudo mv terraform /usr/local/bin/

This will move the binary to the /usr/local/bin directory, which is usually included in the PATH environment variable.

Verify the installation: To verify that Terraform is installed correctly, open a new terminal window and run the following command:

terraform version

This should display the version number of the Terraform binary you installed.

That’s it! You have now installed Terraform on your Mac and are ready to use it to manage your infrastructure.

The AWS Artifact Reports page now offers on-demand access to security compliance reports of third-party software vendors who sell their products through AWS Marketplace. AWS customers can download and review the reports shared by the ISV to accelerate their procurement cycle. The reports are only accessible to customers who have been granted access to AWS Marketplace Vendor Insights for a specific ISV. The reports are available in all commercial AWS Regions where AWS Artifact is available. To get started, customers can refer to the AWS Artifact console, Third-Party reports FAQ section, API Documentation, CloudTrail Integration, and AWS Artifact Forum.

AWS Artifact is a web-based tool from Amazon Web Services (AWS) that provides on-demand access to compliance reports, security and privacy audit documents, and other agreements related to AWS services and products. AWS Artifact makes it easy for customers to download these documents and manage their compliance obligations. It also helps customers understand the compliance status of their AWS environment.

https://aws.amazon.com/marketplace/features/vendor-insights/

Here is a quick query when you are looking for events in CloudTrail. First, export to Athena.
Then create a query that references the table: Now you are ready for some SQL

In the example below I am getting entries from “TableName” and the service is Amazon WorkSpaces. That has a source of workspaces.amazonaws.com

SELECT 
    eventsource,
    eventname
FROM TableName
WHERE eventsource = 'workspaces.amazonaws.com' 
ORDER by eventtime
LIMIT 100;

Creating the detailed entries for the Citrix InstanceTypes.xml file. Here is how to get the detailed instance information from AWS.

aws ec2 describe-instance-types --instance-type m5.large

This command will get the details for the m5.large instance. The output looks like this: