Posted On: Apr 30, 2018

Amazon WorkSpaces now provides you with the ability to control the IP addresses from which your WorkSpaces can be accessed. Using IP address-based control groups, you can define and manage groups of trusted IP addresses, and only allow users to access their WorkSpaces when they're connected to a trusted network. This feature helps you gain greater control over your security posture. 

IP Access Control Groups can be added at the WorkSpaces directory level. There are two ways to get started using IP Access Control Groups. First, from the WorkSpaces management console, you can create IP Access Control Groups on the IP Access Controls page. You can add rules to these groups by entering the IP addresses or IP ranges from which your WorkSpaces can be accessed. These groups can then be added to your directories on the Update Details page. Second, you can use WorkSpaces APIs to create, delete, and view groups; create or delete access rules; or to add and remove groups from directories.

This feature is available today in all AWS Regions where WorkSpaces is available. To learn more about IP Access Control Groups in WorkSpaces, visit our documentation site. To start using IP Access Control Groups, log in to the WorkSpaces management console or access the AWS Command Line Interface.

Amazon WorkSpaces is a fully managed, secure Desktop-as-a-Service (DaaS) solution which runs on AWS. With WorkSpaces, you can provision virtual, cloud-based desktops for your users, providing them access to the documents, applications, and resources they need, anywhere, anytime, from any supported device.