AWS EUC @re:Invent: Enable secure access to private resources with Amazon WorkSpaces Web

Do you need to provide users with access to sensitive, internal, web applications in a secure environment? Or do you need to provide remote users with access to SaaS applications that are typically accessible only from your corporate network? Are you interested in preventing data exfiltration from web applications in your internal network? Want to minimize the effort required to set this up and manage the environment? Then workshop EUC304 covering Amazon WorkSpaces Web is for you!

Join me, and my fellow End User Computing specialist Spencer DeBrosse, as well as a team of expert facilitators, as we guide you through deploying WorkSpaces Web from scratch! In this workshop, you get hands-on experience with the service. You cover common governance and security use cases so you can feel comfortable deploying this service on your own, or architecting a solution with a partner. This WorkSpaces Web workshop gives you an opportunity to gain experience with WorkSpaces Web in a lab environment to better understand the use cases for this managed service. They say what happens in Vegas stays in Vegas – but now you get WorkSpaces Web to take back to your organization.

I’ve been with AWS for almost 3.5 years. I specialize in End User Computing services and have deep experience in automation, CI/CD, disaster recovery, and microservices architecture. I’ve published 6 blog posts across several topics like Amazon WorkSpaces, Amazon AppStream 2.0, Single Sign-On, and security tooling and I’m looking forward to hosting my first workshop at re:Invent. Spencer is a Principal Solutions Architect at Amazon Web Services (AWS). For the last six years, he’s helped state and local government customers migrate to the cloud. He specializes in end user computing and helping customer implement security and governance in AWS. We’re very much looking forward to get the chance to meet you all in person, guide you through the workshop and help you be successful.

With WorkSpaces Web you can access SaaS and internal apps via a secure web browser with no VPN and no data being transmitted to end-user devices. WorkSpaces Web supports automated scaling, AWS-managed images, and enterprise controls. All with a predictable low price point. If you have any questions or want to dive deeper into details, a team of expert facilitators are on-hand to answer your questions directly.

In this workshop you deploy a virtual private cloud (VPC), and an internally accessible website using infrastructure as code (IaC) via CloudFormation. You deploy, with expert facilitators on-hand, a web portal and configure authentication using a single sign-on provider to demonstrate accessing an internal website using WorkSpaces Web. The workshop guides you through how to configure logging of DNS requests and how to query CloudWatch Logs for visited websites: a common ask from customers using WorkSpaces Web in production today.

In this workshop, you learn how to implement DNS Firewall to block specific websites or domains to meet your organization’s web access policies. You use a Chrome browser policy to configure security settings and browser preferences to demonstrate the customizability of the Workspaces Web service.

Come along to understand real-world use cases. Spencer and I, and the WorkSpaces Web workshop support team will be available to help you walk through a typical real-world use case of preventing data exfiltration. In our example, data scientists using SageMaker Notebooks with WorkSpaces Web need data access in a secure environment: come along to ask questions about your use cases.

We look forward to seeing you at re:Invent and helping you discover how WorkSpaces Web can help you help your organization access SaaS and internal apps via a secure browser with no VPN and no data being saved to end-user devices

Note that this workshop requires attendees to have an existing AWS Account or create a new AWS Account during the session. The cost of the session will be covered with service credits that will be provided to attendees during the workshop lab.

To sign-up for this workshop search for EUC304 on this page: https://portal.awsevents.com/events/reinvent2022/dashboard/event/sessions/end-user-computing

Please join us at the End User Compute reception on November 30 6:00-9:00 PM PST by registering at this link: https://aws-euc-reception.splashthat.com/

	Grant Joslyn is a solutions architect for the US state and local government public sector team at Amazon Web Services (AWS). He specializes in end user compute and cloud automation. He provides technical and architectural guidance to customers building secure solutions on AWS. He is a subject matter expert and thought leader for strategic initiatives that help customers embrace DevOps practices.
	Spencer DeBrosse is a principal solutions architect at Amazon Web Services (AWS). He helps state and local government customers migrate to the cloud. He specializes in end user computing and helping customer implement security and governance policies in AWS.