LogoLogo
  • Welcome to WorkSpaces Manager
  • Overview
    • Change Log
      • Stable
      • Beta
    • Portal Requirements
      • Software Requirements
      • Hardware Requirements
    • Installation Prerequisites
      • Active Directory Service Account
      • Amazon WorkSpaces Cost Optimizer
      • CloudWatch Log Group & Eventbridge Rule
      • Port Requirements
      • AWS Service Endpoints
    • Installation Procedure
      • Subscribe to WorkSpaces Manager License Key
      • Request a License Key
      • Subscribe to WorkSpaces Manager Appliance
      • Deploy WorkSpaces Manager Appliance via CloudFormation
      • Configure WorkSpaces Manager
    • Upgrade Procedures
      • From Version 5
      • WSM Update Tool
      • Latest Version Updates
    • Alternate deployment options
      • Install manually on EC2
      • Deployment from Shared AMI
        • Security Group
        • IAM Requirements: Custom Policies
        • IAM Requirements: Role and EC2 instance profile
        • Shared AMI (Amazon Machine Image)
      • Create AMI via Packer
      • Deploy an RDS Database via Terraform
    • WorkSpaces Performance Monitor Agent
    • High Availability (HA)
    • Appendices
      • Administrator Active Directory Permissions
      • SES Configuration
      • HTTPS/TLS Encryption
      • Friendly Portal URL Address
      • GPO and values for WorkSpaces Performance Monitor Agent
      • GPO and value for Disconnection after idle time
      • IAM Policies in JSON format
      • AWS CLI v2
      • LDAP (Active Directory) Troubleshooting for WSM
      • RDS Database Options
Powered by GitBook
On this page
  • Step 1: Install AWS CLI v2
  • Step 2: Check AWS CLI configuration
  • Step 3: Test Access to AWS Endpoints
  • Step 4: Debugging Permission Issues
  • Step 5: Verify Network Connectivity
  1. Overview
  2. Appendices

AWS CLI v2

AWS CLI (Command Line Interface) v2 is a powerful tool that allows to manage AWS services from the command line.

PreviousIAM Policies in JSON formatNextLDAP (Active Directory) Troubleshooting for WSM

Last updated 3 months ago

Given that WorkSpaces Manager (WSM) runs on Windows, we are not adding specifics for Linux or MacOSX.

Below are the steps to install AWS CLI v2 on WSM (Windows-based) and perform basic troubleshooting to validate credentials and permissions. Use the official for information.

Step 1: Install AWS CLI v2

  1. From PowerShell, as an elevated user (Administrator), run the .msi installer with command:

msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi
  1. Follow the on-screen instructions to complete the installation.

  2. Confirm the installation by opening a command prompt and running:

aws --version

The output should display the installed version of AWS CLI.

If you don't have Access keys, you'll need to create them for some of these commands. To do this, navigate to your IAM user on the AWS console, go to the Security Credentials section, scroll down, and create a new set of access keys. Be sure to download and save the file securely, as the secret key will only be visible at the time of creation and cannot be retrieved later from the console.

Step 2: Check AWS CLI configuration

  • Run the configuration command to to display the current credentials, ensuring they are set to a type of "iam-role":

    aws configure list
  • This command will show:

    • Configured credentials

    • Profile

    • Default Region Name (e.g., eu-central-1)

Run the configuration command to to display the current credentials, ensuring they are set to a type of "iam-role":

  • To see the active credentials and their source:

aws sts get-caller-identity

This command returns the AWS account ID, user/role ARN, and the user/role making the call.

Step 3: Test Access to AWS Endpoints

Run a simple command to verify connectivity to the relevant AWS services:

  • WorkSpaces:

    aws workspaces describe-workspaces
  • Directories:

    aws ds describe-directories
  • S3 (if applicable):

    aws s3 ls

If the commands return valid results, your configuration and permissions are correct.

Step 4: Debugging Permission Issues

  • If a command fails with a 403 Access Denied or You are not authorized to perform this operation error, verify:

    • The IAM Policy and Instance Role attached to the EC2 Instance includes the necessary permissions.

    • The resource (e.g., WorkSpaces or Directories) exists in the configured region.

  • Use the --debug flag to get more details about the API call:

    aws workspaces describe-workspaces --debug

Look for errors such as missing permissions or endpoint issues.

Step 5: Verify Network Connectivity

  • Ensure your WSM instance can access AWS endpoints.

  • Test connectivity to the AWS WorkSpaces Service Endpoints via browser:

    https://workspaces.<region>.amazonaws.com

Example:

  • If there is a response, even in form of error, we can assume that there is connectivity.

  • If connectivity fails, check the network settings, such as VPC, security groups, firewall and proxy configuration.

AWS website
https://workspaces.eu-central-1.amazonaws.com/workspaces.eu-central-1.amazonaws.com