Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Secure access to AWS WorkSpaces

0

I have a customer that is looking to utilize AWS WorkSpaces for allowing user access to sensitive data as it's certified for IRAP and PROTECTED workloads in Australia.

He is looking to limit the access to the WorkSpaces to only users coming in over AWS Client VPN but is concerned at the lack of compliance information around Client VPN and it not being listed in the IRAP certification.

Is there any information to share around Client VPN compliance or an alternative solution?

Happy to hear any and all thoughts.

Temas
Computación de usuario final
Etiquetas
Amazon WorkSpaces
Idioma
English
AWS-User-4230713
preguntada hace 5 años867 visualizaciones
1 Respuesta
0
Respuesta aceptada

AWS Client VPN / a DX do not add any security improvement. WorkSpaces gateways are public, so any traffic that traverses a private connection would need to egress their network to connect to our public edge. Also, streaming traffic, for WorkSpaces, is AES 256 bit encrypted. I would suggest you look at some of the functions to limit connectivity to WorkSpaces. Things like Certificate based auth and IP allowlisting can allow them to limit the specific devices that can access their WorkSpaces as well as where they can connect from.

EXPERTO
Justin_S
respondido hace 5 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante