Enable and Administer Google Drive for Your AppStream 2.0 Users - Amazon AppStream 2.0
Enable Google Drive for Your AppStream 2.0 UsersDisable Google Drive for Your AppStream 2.0 Users

Enable and Administer Google Drive for Your AppStream 2.0 Users

Note

Amazon AppStream 2.0's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Amazon AppStream 2.0 supports the following persistent storage options for users in your organization:

  • Google Drive for Google Workspace

  • OneDrive for Business

  • Home folders

You can enable one or more options for your organization. When you enable Google Drive for Google Workspace for an AppStream 2.0 stack, users of the stack can link their Google Drive for Google Workspace account to AppStream 2.0. Then they can sign into their Google Drive for Google Workspace account and access their Google Drive folder during application streaming sessions. Any changes that they make to files or folders in Google Drive during those sessions are automatically backed up and synchronized, so that they are available to users outside of their streaming sessions.

Important

You can enable Google Drive for Google Workspace for accounts in your Google Workspace domains only, but not for personal Gmail accounts.

Note

You can enable Google Drive for Windows stacks, but not for Linux stacks or stacks associated with multi-session fleets.

Enable Google Drive for Your AppStream 2.0 Users

Before enabling Google Drive, you must do the following:

  • Have an active Google Workspace account with a valid organizational domain and users in the domain to use with AppStream 2.0.

  • Configure an AppStream 2.0 stack with an associated fleet.

    The fleet must use an image that uses a version of the AppStream 2.0 agent released on or after May 31, 2018. For more information, see AppStream 2.0 Agent Release Notes. The fleet must also have access to the internet.

  • Add Amazon AppStream 2.0 as a trusted app in one or more domains associated with your Google Workspace account. You can enable Google Drive for up to 10 domains.

  • Have a Windows-based stack. (Linux-based stacks are not supported).

Follow these steps to add Amazon AppStream 2.0 as a trusted app in your Google Workspace domains.

To add Amazon AppStream 2.0 as a trusted app in your Google Workspace domains

  1. Sign in to the Google Workspace Admin console at https://admin.google.com/.

  2. In the left navigation sidebar, choose Security, Access and data control, API controls.

  3. At the top of the page, in the App access control section, choose MANAGE THIRD-PARTY APP ACCESS.

  4. Choose Add app, and then choose OAuth App Name Or Client ID.

  5. Enter the Amazon AppStream 2.0 OAuth client ID for your AWS Region, and then choose SEARCH. For a list of client IDs, see the table that follows this procedure.

  6. In the search results, choose Amazon AppStream 2.0, and then choose Select.

  7. In the Client ID page, under OAuth Client ID, verify that the correct ID appears in the list, and then select the check box to the left of the ID.

  8. On the lower right of the page, choose SELECT.

  9. Configure which organizational units in your Google Workspace organization should gain access.

  10. Under Access to Google Data, choose Trusted: Can access all Google services, and then choose CONTINUE.

  11. Review that the selections made are correct, then when you are satisfied, choose FINISH.

  12. Verify that the Amazon AppStream 2.0 app, with the correct OAuth ID, appears in the list of connected apps.

Amazon AppStream 2.0 OAuth2 client IDs
Region Amazon AppStream 2.0 OAuth client ID
US East (N. Virginia) 266080779488-15n5q5nkiclp6m524qibnmhmbsg0hk92.apps.googleusercontent.com
US East (Ohio) 723951369598-6tvdlf52g2qh0qa141o4k1avasvnj51i.apps.googleusercontent.com
US West (Oregon) 1026466167591-i4jmemrggsjomp9tnkkcs5tniggfiujb.apps.googleusercontent.com
Asia Pacific (Mumbai) 325827353178-coqs1c374mf388ctllrlls374dc1bmb2.apps.googleusercontent.com
Asia Pacific (Seoul) 562383781419-am1i2dnvt050tmdltsvr36i8l2js40dj.apps.googleusercontent.com
Asia Pacific (Singapore) 856871139998-4eia2n1db5j6gtv4c1rdte1fh1gec8vs.apps.googleusercontent.com
Asia Pacific (Sydney) 151535156524-b889372osskprm4dt1clpm53mo3m9omp.apps.googleusercontent.com
Asia Pacific (Tokyo) 922579247628-qpl9kpihg3hu5dul2lphbjs4qbg6mjm2.apps.googleusercontent.com
Canada (Central) 872792838542-t39aqh72jv895c89thtk6v83sl6jugm2.apps.googleusercontent.com
Europe (Frankfurt) 643727794574-1se5360a77i84je9j3ap12obov1ib76q.apps.googleusercontent.com
Europe (Ireland) 599492309098-098muc7ofjfo9vua5rm5u9q2k3mlok3j.apps.googleusercontent.com
Europe (London) 682555519925-usbn2sk1ffgo8odgf23nj66ri71na0k5.apps.googleusercontent.com
AWS GovCloud (US-East)

20306576244-gqqkappmhhv9fj06sdk7as60he89e7ce.apps.googleusercontent.com

Note

For more information about using AppStream 2.0 in the AWS GovCloud (US) Regions, see Amazon AppStream 2.0 in the AWS GovCloud (US) User Guide.
AWS GovCloud (US-West)

996065833880-litfkb2vfd7c65nt7s24r7t8le5bc9bl.apps.googleusercontent.com

Note

For more information about using AppStream 2.0 in the AWS GovCloud (US) Regions, see Amazon AppStream 2.0 in the AWS GovCloud (US) User Guide.
South America (São Paulo) 891888628791-1ltbtedva29esqvqadiatlj4htcgcjfo.apps.googleusercontent.com

Follow these steps to enable Google Drive for your AppStream 2.0 users.

To enable Google Drive while creating a stack

  • Follow the steps in Create a Stack, make sure that Enable Google Drive is selected, and that you have specified at least one organizational domain associated with your Google Workspace account.

To enable Google Drive for an existing stack

  1. Open the AppStream 2.0 console at https://console.aws.amazon.com/appstream2.

  2. In the left navigation pane, choose Stacks, and select the stack for which to enable Google Drive.

  3. Below the stacks list, choose Storage and select Enable Google Drive for Google Workspace.

  4. In the Enable Google Drive for Google Workspace dialog box, in Google Workspace domain name, type the name of at least one organizational domain that is associated with your Google Workspace account. To specify another domain, choose Add another domain, and type the name of the domain.

  5. After you add domain names, choose Enable.

Note

For guidance that you can provide your users to help them get started with using Google Drive during AppStream 2.0 streaming sessions, see Use Google Drive.

Disable Google Drive for Your AppStream 2.0 Users

You can disable Google Drive for a stack without losing user content that is already stored on Google Drive. Disabling Google Drive for a stack has the following effects:

  • Users who are connected to active streaming sessions for the stack receive an error message. They are informed that they do not have permissions to access their Google Drive.

  • Any new sessions that use the stack with Google Drive disabled do not display Google Drive.

  • Only the specific stack for which Google Drive is disabled is affected.

  • Even if Google Drive is disabled for all stacks, AppStream 2.0 does not delete the user content stored in their Google Drive.

Follow these steps to disable Google Drive for an existing stack.

To disable Google Drive for an existing stack

  1. Open the AppStream 2.0 console at https://console.aws.amazon.com/appstream2.

  2. In the left navigation pane, choose Stacks, and select the stack for which to disable Google Drive.

  3. Below the stacks list, choose Storage, and clear the Enable Google Drive for Google Workspace option.

  4. In the Disable Google Drive for Google Workspace dialog box, type CONFIRM (case-sensitive) to confirm your choice, then choose Disable.

    When users of the stack start their next AppStream 2.0 streaming session, they can no longer access their Google Drive folder from within that session and future sessions.