By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Secure access to AWS WorkSpaces

0

I have a customer that is looking to utilize AWS WorkSpaces for allowing user access to sensitive data as it's certified for IRAP and PROTECTED workloads in Australia.

He is looking to limit the access to the WorkSpaces to only users coming in over AWS Client VPN but is concerned at the lack of compliance information around Client VPN and it not being listed in the IRAP certification.

Is there any information to share around Client VPN compliance or an alternative solution?

Happy to hear any and all thoughts.

Topics
End User Computing
Tags
Amazon WorkSpaces
Language
English
AWS-User-4230713
asked 5 years ago851 views
1 Answer
0
Accepted Answer

AWS Client VPN / a DX do not add any security improvement. WorkSpaces gateways are public, so any traffic that traverses a private connection would need to egress their network to connect to our public edge. Also, streaming traffic, for WorkSpaces, is AES 256 bit encrypted. I would suggest you look at some of the functions to limit connectivity to WorkSpaces. Things like Certificate based auth and IP allowlisting can allow them to limit the specific devices that can access their WorkSpaces as well as where they can connect from.

EXPERT
Justin_S
answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content