Amazon WorkSpace is a fully managed, secure desktop computing service which runs on the AWS cloud.
WorkSpace is a cloud-based virtual desktop that can act as a replacement for a traditional desktop
A WorkSpace is available as a bundle of compute resources, storage space, and software applications that allows a user to perform day-to-day tasks just like using a traditional desktop
WorkSpace allows user to easily provision cloud-based virtual desktops and provide users access to the documents, applications, and resources they need from any supported device, including computers, Chromebooks, iPads, Fire tablets, and Android tablets.
Each WorkSpace runs on an individual instance for the user it is assigned to and Applications and users’ documents and settings are persistent.
User can login into the WorkSpace using their own credentials set when the instance is provisioned
WorkSpaces service integrates with existing Active Directory domain, users will sign in with their regular Active Directory credentials.
WorkSpaces also integrates with existing RADIUS server to enable multi-factor authentication (MFA).
Backup and Encryption
User volume (D:) is backed up every 12 hours and if the WorkSpace fails, AWS can restore the volume from the backup
WorkSpaces supports root volume (C: drive) and user volume (D: drive) encryption
WorkSpaces uses EBS volumes that can be encrypted on WorkSpace creation, providing encryption for data stored at rest, disk I/O to the volume, and snapshots created from the volume.
WorkSpaces integrates with the AWS KMS service with the ability to provide keys for encrypting the volumes
WAM offers a fast, flexible, and secure way for you to deploy and manage applications for Amazon WorkSpaces.
WAM accelerates software deployment, upgrades, patching, and retirement by packaging Microsoft Windows desktop applications into virtualized application containers that run as though they are natively installed.
AWS Certification Exam Practice Questions
Questions are collected from Internet and the answers are marked as per my knowledge and understanding (which might differ with yours).
AWS services are updated everyday and both the answers and questions might be outdated soon, so research accordingly.
AWS exam questions are not updated to keep up the pace with AWS updates, so even if the underlying feature has changed the question might not be updated
Open to further feedback, discussion and correction.
A company needs to deploy virtual desktops to its customers in a virtual private cloud, leveraging existing security controls. Which set of AWS services and features will meet the company’s requirements?
Virtual Private Network connection. AWS Directory Services, and ClassicLink (ClassicLink allows you to link an EC2-Classic instance to a VPC in your account, within the same region)
Virtual Private Network connection. AWS Directory Services, and Amazon Workspaces (WorkSpaces for Virtual desktops, and AWS Directory Services to authenticate to an existing on-premises AD through VPN)
AWS Directory Service, Amazon Workspaces, and AWS Identity and Access Management (AD service needs a VPN connection to interact with an On-premise AD directory)
Amazon Elastic Compute Cloud, and AWS Identity and Access Management (Need WorkSpaces for virtual desktops)