By using AWS re:Post, you agree to the Terms of Use
/Can I set a security group for each workspace that is launched?/

Can I set a security group for each workspace that is launched?

0

Can I set a security group for each workspace that is launched? 1 workspace has security group A, and another workspace has security group B.

1 Answers
1

Hi,

When you register a directory with WorkSpaces, it creates two security groups, one for directory controllers and another for WorkSpaces in the directory. The security group for directory controllers has a name that consists of the directory identifier followed by **_controllers **(for example, d-12345678e1_controllers). The security group for WorkSpaces has a name that consists of the directory identifier followed by _workspacesMembers (for example, d-123456fc11_workspacesMembers).

You can add a default WorkSpaces security group to a WorkSpaces directory. After you associate a new security group with a WorkSpaces directory, new WorkSpaces that you launch or existing WorkSpaces that you rebuild will have the new security group. When you associate multiple security groups with a WorkSpaces directory, the rules from each security group are effectively aggregated to create one set of rules.

To add a security group to an existing WorkSpace without rebuilding it, you assign the new security group to the elastic network interface (ENI) of the WorkSpace. Security Groups

You can use the Amazon WorkSpaces API to programmatically launch the WorkSpaces, find the ENI assigned, and assign security groups to the ENI belonging to the WorkSpace. In your example you can use the API to launch 1 workspace has security group A attached to ENI, and launch another workspace and assign security group B to the ENI.

EXPERT
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions