Desktop and Application Streaming
Tag: EUC
OneLogin SSO with Amazon AppStream 2.0
Amazon AppStream 2.0 supports identity federation to AppStream 2.0 stacks through Security Assertion Markup Language 2.0 (SAML 2.0). This feature offers your users the convenience of access to their AppStream 2.0 applications using their existing identity credentials. You also have the security benefit of identity authentication by your IdP. By using your IdP, you can […]
Set up multi-factor authentication with OneLogin for Amazon WorkSpaces
In this blog, I walk you through configuring Amazon WorkSpaces multi-factor authentication (MFA) with OneLogin. Solution overview: The steps to work through this blog are: (1) Configure OneLogin RADIUS for use with Amazon WorkSpaces. (2) Configure Active Directory Connector for MFA. (3) Test logon. Prerequisites: This post assumes you have the following: A OneLogin account. OneLogin Active Directory […]
Create a Single Identity Provider for all your Amazon AppStream 2.0 Stacks with Azure AD
Customers use Amazon AppStream 2.0 to centrally manage applications and stream them to their end users. Organizations have multiple stacks associated with different fleets to separate workloads based on underlying resources, applications, or different user permissions. Administrators want a way to manage permissions for multiple stacks without having to create an IAM identity provider for […]
Active Directory Group Membership Based AppStream 2.0 Application Targeting
The default behavior of an Amazon AppStream 2.0 Stack is to present all the applications to the end user that were added to the application catalog by the administrator creating the image. Customers accustomed to targeting individual applications to end users based on Active Directory group membership can also continue to do so using the […]
Enabling Federation with SimpleSAMLphp and Amazon AppStream 2.0
SimpleSAMLphp is an open-source project written in native PHP that deals with authentication for SAML 2.0 as a Service Provider and as an Identity Provider. You can use single sign-on with Amazon AppStream 2.0 with many identity services that are compliant with Security Assertion Markup Language 2.0 (SAML 2.0). This post explains how to configure federated user […]
How Amazon Uses Amazon AppStream 2.0 to Provide Data Scientists and Analysts with Access to Sensitive Data
The Challenge: On February 28th, 2020, due to the COVID-19 pandemic, Amazon announced that we had taken steps to protect the health of our employees and communities. This included canceling large events, moving stakeholder meetings online, and pausing tours of fulfillment centers. As of this post, Amazon has continued to invest more than $8 billion […]
Use Session Tags to Simplify AppStream 2.0 Permissions
Customers use Amazon AppStream 2.0 to centrally manage applications and stream them to their end users. Organizations have multiple stacks associated with different fleets to separate workloads based on underlying resources, applications, or different user permissions. In this blog post I show you how to use session tags in the SAML assertion to be used […]
How to report Amazon AppStream 2.0 home folder use with Amazon Athena
Customers ask how to analyze Amazon AppStream 2.0 home folder usage so they can track related spend, manage usage, and administer AppStream 2.0 home folders. Customers have questions like: “How much data is User1 using in AppStream 2.0 home folders?” “What are the top 10 largest files being stored and who owns them?” This blog […]
Enabling Identity Federation with Shibboleth and Amazon AppStream 2.0
Shibboleth is an open-source project that provides single sign-on capabilities and an identity federation solution used by research and education communities worldwide. If you are already using Shibboleth IdP, this post shows you how to configure it for Security Assertion Markup Language 2.0 (SAML 2.0) identity federation with Amazon AppStream 2.0. Overview: The AppStream 2.0 SAML […]
Cross-account resources and Amazon AppStream 2.0
Some of our customers using Amazon AppStream 2.0 leverage multi-account setups to separate their AppStream 2.0 resources. These customers have many reasons for separating their AppStream 2.0 resources into multiple accounts. However, the most common reasons are resource and billing isolation and enhanced security. For example, […]