Best Practices to Prepare your Amazon WorkSpaces for Linux Images - Best Practices to Prepare your Amazon WorkSpaces for Linux Images

Best Practices to Prepare your Amazon WorkSpaces for Linux Images

Publication date: February 2020 (Document Details)

Abstract

This whitepaper outlines a set of best practices for the image preparation of Amazon WorkSpaces for Linux. The paper covers Well-Architected Principles applied to image design, the make-up of an Amazon WorkSpace, the Bundle and Image process for Amazon WorkSpaces, and methodologies for Image management. The paper addresses best practices for operating system updates, remote protocol configuration, application deployment, and desktop experience configuration of MATE.

This whitepaper will help you in your role as a desktop configuration or security engineer.

Introduction

Amazon WorkSpaces is a managed desktop computing service in the cloud. Amazon WorkSpaces removes the burden of procuring or deploying hardware and delivers a desktop experience. Administrators can provision WorkSpaces with a few clicks on the AWS Management Console, using the AWS Command Line Interface (CLI), or by using the range of Application Program Interfaces (APIs). With Amazon WorkSpaces, you can launch a desktop within minutes, establish a connection, and access your desktop software on-premises or through an external network securely, reliably, and quickly.

For your WorkSpaces users, you can choose between multiple hardware configurations and operating system types. You can launch a WorkSpace that runs Amazon Linux 2, which is bundled with the Amazon Linux WorkSpaces Desktop, Firefox, Evolution, Pidgin, and Libre Office. The Amazon Linux WorkSpaces Desktop uses the MATE Desktop Environment. The MATE Desktop Environment is the continuation of GNOME 2. It provides an intuitive desktop environment using desktop metaphors for Linux operating systems.

If we consider typical Amazon Linux WorkSpace use cases, there are a number of benefits to preparing a customized Amazon WorkSpace ready for deployment directly to users. For a development environment, the ability to pre-configure the desktop provides a ready identification of different WorkSpace sessions for production, development and test environments. For productivity users, pre-configuration allows for a standardized environment that is protected from accidental change. Organizations that need to provide their users with a mix of Windows and Linux environments can create a unified operations and configuration model with a single set of tools (such as Puppet or Chef) and processes and a consistent interaction experience that meets the needs of the entire user community.

Consider the following question when preparing to manage Amazon Linux WorkSpaces:

  • How will you deploy applications to the image?

  • How will you keep the base operating system and applications current for security and functional updates?

  • How will you maintain the user configuration in order to enable best time-to-value, or a recoverable state should errors occur?

The following sections provide details about image management for Amazon WorkSpaces for Linux, explain the principles and deployment methodologies, and explain the options and features that are available for configuration.