How can I access the internet from my WorkSpace?

3 minute read
0

I want to turn on internet access from my WorkSpace in Amazon WorkSpaces. How can I do that?

Resolution

The method to turn on internet access from your WorkSpace differs depending on whether the WorkSpace is located in a private or public subnet. A public subnet sends outbound traffic directly to the internet using an internet gateway route. Instances in a private subnet access the internet using a network address translation (NAT) gateway that resides in the public subnet.

Important: The security group for your WorkSpaces must allow outbound traffic on ports 80 (HTTP) and 443 (HTTPS) to all destinations (0.0.0.0/0).

Turn on internet access from WorkSpaces located in a public subnet

A WorkSpace that's located in a public subnet must meet requirements to turn on internet access. The WorkSpace needs both a route to an internet gateway and a public IP address assignment.

  1. Create an internet gateway.
  2. Update the route tables for your public subnets. The default route (Destination 0.0.0.0/0) must target the internet gateway.

You can assign public IP addresses to your WorkSpaces automatically or manually.

Automatically assign public IP addresses

You can automatically assign public IP addresses to your WorkSpaces by turning on internet access on the WorkSpaces directory. After you turn on automatic assignment, each WorkSpace that you launch is assigned a public IP address. For instructions and more information, see Configure automatic IP addresses.

Note: WorkSpaces that already exist before you turn on automatic assignment don't receive an Elastic IP address until you rebuild them.

Manually assign public IP addresses

You can manually assign a public Elastic IP address using the Amazon Elastic Compute Cloud (Amazon EC2) console. For instructions, see How do I associate an Elastic IP address with a WorkSpace?

Turn on internet access from WorkSpaces located in a private subnet

If you use AWS Directory Service for Microsoft Active Directory, then configure the virtual private cloud (VPC) with one public subnet and two private subnets. You must configure your directory for the private subnets. To provide internet access to WorkSpaces in these private subnets, configure a NAT gateway in the public subnet.

  1. Create a NAT gateway.
  2. Update the route tables for the private subnets. The default route (Destination 0.0.0.0/0) must target the NAT gateway.

Related information

Provide internet access from your WorkSpace

Configure a VPC for WorkSpaces

Networking and access for WorkSpaces

AWS OFFICIAL
AWS OFFICIALUpdated a year ago