With this tutorial, you can build a dashboard that enables your help desk staff to view details for Amazon AppStream 2.0 fleets and Amazon WorkSpaces directories and instances. For both AppStream 2.0 and WorkSpaces, your staff can also use the dashboard to perform basic administrative tasks. For AppStream 2.0, they can monitor autoscaling activities and manage users’ streaming sessions. For WorkSpaces, they can send the registration code email to a user, or stop, start, restart, and restore a user’s WorkSpace. With this workflow, your teams don’t require access to the AppStream 2.0 console or WorkSpaces console, or cloud-based computing experience.

  • Enable website hosting for the Example Corp. End User Computing (EUC) dashboard by using Amazon Simple Storage Service (Amazon S3) and Amazon CloudFront.
  • Configure Amazon Cognito and AWS Single Sign-On (AWS SSO) to handle secure authentication to the dashboard.
  • Create a policy and role by using AWS Identity and Access Management (AWS IAM).
  • Create a function by using AWS Lambda. The function handles querying and actions taken for AppStream 2.0 and WorkSpaces resources.
  • Set up Amazon API Gateway to handle incoming web requests and pass the information to Lambda.
  • Set up and verify an email address identity by using Amazon Simple Email Service (Amazon SES). Amazon SES sends email to users about their WorkSpaces.

The application architecture uses Amazon CloudFront, Amazon S3, Amazon Cognito, AWS Single Sign-On, Amazon API Gateway, AWS IAM, AWS Lambda, Amazon AppStream 2.0, Amazon WorkSpaces, and Amazon SES, as shown in the following diagram.

  1. Connectivity to the dashboard is set up using HTTPS through CloudFront.
  2. Authentication is processed through Amazon Cognito and AWS SSO.
  3. The webpage makes an API call to API Gateway. API Gateway runs a Lambda function and returns the data to the webpage for viewing.

End user computing (EUC)  dashboard application architecture

This tutorial includes six modules. You must complete each module before proceeding to the next.

  1. Host a static website and configure Amazon CloudFront.
  2. Build the authentication workflow.
  3. Build a serverless backend.
  4. Deploy a RESTful API.
  5. Customize the FROM address used for email communications with your users.
  6. Test your setup and clean up your project resources.

AWS Experience: We recommend familiarity with AppStream 2.0 and other AWS services. If you are new to AppStream 2.0, see the AppStream 2.0 Getting Started Guide. This guide describes how to:

  • Install and configure two applications. 
  • Perform foundational administrative tasks by using the AppStream 2.0 console.
  • Provision a virtual network in Amazon Virtual Private Cloud (Amazon VPC) by using a provided AWS CloudFormation template.

If you’re new to Amazon WorkSpaces, see Get Started with Amazon WorkSpaces Quick Setup in the Amazon WorkSpaces Administration Guide. This tutorial describes how to use the Amazon WorkSpaces Quick Setup option to launch a WorkSpace.

Time to complete: 2 hours for modules 1 to 6.  

Cost to complete:  Some of the services used in this project are eligible for the AWS Free Tier. To identify eligible services, see AWS Free Tier. If you’re outside the usage limits of the Free Tier, the total cost of completing this project will vary depending on your needs and configuration. Costs outside of the free tier will include hourly costs of fleet instances and Remote Desktop Service Subscriber Access License (RDS SAL) when connecting to the fleet. Details on fleet and RDS SAL pricing can be found here: AppStream2.0 Pricing. To reduce costs, we recommend that you terminate the resources that are associated with your project after you complete it. If you choose not to terminate your resources, we recommend that you stop your fleets, image builders, and WorkSpaces when you’re not using them.
 
Prerequisites: To complete this tutorial, you will need:
  • An AWS account: This lets you begin using AppStream 2.0 and other AWS services. For more information, see How do I create and activate a new Amazon Web Services account?
  • Either or both of the following:
    • AppStream 2.0 configured with at least one fleet. This configuration is required to generate the data that’s displayed in the dashboard. For information about how to set up this configuration, see the AppStream 2.0 Getting Started Guide.
    • Amazon WorkSpaces configured with at least one WorkSpace. This configuration is required to generate the data that’s displayed in the dashboard. For information about how to set up this configuration, see Get Started with Amazon WorkSpaces Quick Setup in the Amazon WorkSpaces Administration Guide.
  • Email accounts: Have access to at least one test user email address to complete the configuration described in this project.