How to limit Workdocs access for only AWS Workspace

Question

Thanks for any help,

I know we can limit workdocs access by IP, but currently even if I'm accessing it from my AWS Workspace machine, the IP used to access workdocs is a public IP, and although the IP for each of the AWS workspace machines seems to not change, there seems to be no logic, so every time I create a new workspace I need to wait for the user to login to get their public IP to add to the allow list of my workdocs domain.

Is there a way to wither make all workspace machines use public IPs from the same pool or to make them access my workdocs using their private IP so I can allow all their private IPs and be done with this instead of configure on a per machine basis?

thanks for any help on this.

Answer

To clarify, each of your WorkSpaces has an Internet-facing IP addressing?

Generally WorkSpaces aren't themselves internet-facing, and customers use a NAT gateway on the VPC to provide them access to the Internet, without exposing each individual instance directly to the Internet. In that scenario, you should be able to enforce WorkDocs access to the public IP of the NAT, and all WorkSpaces (and other resources within the VPC that use that NAT) would be able to access WorkDocs.

How to limit Workdocs access for only AWS Workspace

相關內容