Category: Security, Identity, & Compliance

Managing passwords is a hassle, similar to how people misplace their keys. In the world of on-premises Active Directory (AD) environments, passwords represent a potential security risk and are a complicated issue to tackle. This is especially true for remote users that utilize Amazon WorkSpaces. They may encounter difficulties when it comes to password management—particularly […]

HHMI’s Janelia Research Campus in Ashburn, Virginia has an integrated team of lab scientists and tool-builders who pursue a small number of scientific questions with potential for transformative impact. To drive science forward, we share our methods, results, and tools with the scientific community. Introduction To study how the brain works, researchers often begin with […]

Today, organizations employ agents who utilize applications running in a Virtual Desktop Environment (VDI) such as Amazon WorkSpaces  that allows agents to use multiple applications in the cloud without incurring high costs of hardware procurement. In a VDI environment the Amazon Connect CCP (Contact Control Panel) can cause impact to audio quality, and is required […]

Increasingly organizations are standardizing on SAML 2.0 Identity Providers such as AWS IAM Identity Center and OKTA as their identity solution to access end user computing (EUC) services in AWS. With Certificate-based authentication (CBA), organizations can provide seamless authentication for our EUC services. Traditionally, the logon experience to a virtual desktop works by using the […]

The AS2TrustedDomains DNS TXT record can only enable the same domain (or subdomains) in which the DNS TXT record is created. In a scenario where you do not own the domain where your IdP resolves, an alternative architecture is required. In this blog, I outline the process to create an AS2TrustedDomains DNS TXT record for […]

Customers with strict compliance requirements such as financial industries, healthcare, and government sectors use End User Compute (EUC) solutions to regulate access and centralize tooling. For these organizations, users are often required to connect to a Virtual Private Network (VPN) to access the private corporate network. In this blog, I explain how users with such […]

In this blog, I discuss the benefits of using certificate-based authentication (CBA) for Amazon AppStream 2.0. I give an overview of the short-lived certificate mode offered by AWS Private Certificate Authority and why it is important to this use mode. Also, I walk you through the steps to configure CBA for Amazon AppStream 2.0. Amazon […]

In this blog, we discuss the benefits of using certificate-based authentication (CBA) for Amazon WorkSpaces. we give an overview of the short-lived CA mode offered by AWS Private Certificate Authority and why it is important to this use case. Also, we walk you through the steps to configure CBA for Amazon WorkSpaces. Amazon WorkSpaces certificate-based […]

Enterprises are seeking method to offer more secure authentication and a better user experience. Furthermore, they’re required to have centralized user Authentication and Authorization without the need to replicate user credentials and authorization in another Identity provider (IDP). In previous blog, we showed how to provide users with Single Sign-On (SSO) access to Amazon AppStream […]

This blog post shows you how to use application entitlements with Google WorkSpace authentication for your AppStream 2.0 stacks. Customers use Amazon AppStream 2.0 to manage applications centrally, and stream them to their end users. With application entitlements, you can control access to specific applications in the AppStream 2.0 application catalog based on SAML assertions. Using […]