AWS Service Endpoints

AWS Service Endpoints are URLs that enable network connectivity between AWS services and clients. They can be public (internet-accessible) or private (via AWS PrivateLink for secure VPC access).

Official information about AWS Service Endpoints & Quotas can be found here.

WorkSpaces Manager (WSM) requires connectivity to various AWS services to manage WorkSpaces effectively across multiple accounts. Below is a list of essential AWS service endpoints used by WSM:

1. Amazon S3

  • Purpose: Stores logs, configuration files, and cost optimization data.

  • Endpoint Pattern: s3.<region>.amazonaws.com

2. Amazon WorkSpaces

  • Purpose: Manages WorkSpaces lifecycle, including provisioning, starting, stopping, and termination.

  • Endpoint Pattern: workspaces.<region>.amazonaws.com

3. AWS Key Management Service (KMS)

  • Purpose: Encrypts WorkSpaces storage, backups, and sensitive data.

  • Endpoint Pattern: kms.<region>.amazonaws.com

4. Amazon AppStream 2.0 (if applicable)

  • Purpose: Supports streaming applications for users in place of traditional WorkSpaces.

  • Endpoint Pattern: appstream2.<region>.amazonaws.com

5. Amazon RDS (if applicable)

  • Purpose: Hosts the database backend for storing WSM-related metadata and configuration.

  • Endpoint Pattern: rds.<region>.amazonaws.com

6. AWS Directory Service

  • Purpose: Manages Active Directory connections for WorkSpaces authentication and policy enforcement.

  • Endpoint Pattern: ds.<region>.amazonaws.com

7. Amazon EC2

  • Purpose: Runs the WSM appliance instances and manages underlying infrastructure.

  • Endpoint Pattern: ec2.<region>.amazonaws.com

8. AWS Secrets Manager

  • Purpose: Securely stores credentials, API keys, and sensitive configuration details for WSM.

  • Endpoint Pattern: secretsmanager.<region>.amazonaws.com

Configuring Endpoints

Ensure that the necessary endpoints are accessible in your AWS environment, particularly in environments with strict network policies, such as private VPCs or on-premises setups.
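One way to verify this from the subnet where WSM runs, as an added example that is not part of WSM or the original page: it builds the eight hostnames from the patterns above for one region, then reports whether each resolves to private or public addresses and whether TCP 443 is reachable. The function names, the region regex, and the choice of `eu-west-1` are assumptions made for illustration.

```python
import ipaddress
import re
import socket

# Service prefixes from the endpoint patterns listed on this page.
WSM_SERVICES = ["s3", "workspaces", "kms", "appstream2",
                "rds", "ds", "ec2", "secretsmanager"]
# Shape of the region codes in this page's table, e.g. eu-west-1.
REGION_RE = re.compile(r"[a-z]{2}-[a-z]+-\d")


def wsm_endpoints(region):
    """Build <service>.<region>.amazonaws.com for every service WSM uses."""
    if not REGION_RE.fullmatch(region):
        raise ValueError(f"not a region code: {region!r}")
    return [f"{svc}.{region}.amazonaws.com" for svc in WSM_SERVICES]


def classify(addresses):
    """Say whether resolved IPs are private (e.g. interface endpoint) or public."""
    if not addresses:
        return "unresolved"
    kinds = {ipaddress.ip_address(a).is_private for a in addresses}
    if kinds == {True}:
        return "private"
    return "public" if kinds == {False} else "mixed"


def check(host, port=443, timeout=3.0):
    """Resolve host, then try a TCP connect; returns (route, reachable)."""
    try:
        infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return "unresolved", False
    route = classify(sorted({info[4][0] for info in infos}))
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return route, True
    except OSError:
        return route, False


if __name__ == "__main__":
    # Run from the WSM appliance's subnet. An S3 gateway endpoint keeps
    # public IPs in DNS, so "public" for S3 does not imply internet egress.
    for host in wsm_endpoints("eu-west-1"):
        route, ok = check(host)
        print(f"{host:42} {route:10} {'ok' if ok else 'BLOCKED'}")
```

The region check also rejects input such as `us-east-1.example.com`, so a mistyped or tampered region value cannot turn the generated allow-list into hostnames outside `amazonaws.com`.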

Regions

AWS Region Endpoints are unique URLs specific to an AWS service within a particular region, enabling API requests to be directed to the correct regional infrastructure. They follow the format <service>.<region>.amazonaws.com.

AWS services are available across multiple regions worldwide, each identified by a unique code. Below is a list of AWS regions along with their corresponding codes:

| Region Name | Region Code |
| --- | --- |
| US East (Ohio) | us-east-2 |
| US East (N. Virginia) | us-east-1 |
| US West (N. California) | us-west-1 |
| US West (Oregon) | us-west-2 |
| Africa (Cape Town) | af-south-1 |
| Asia Pacific (Hong Kong) | ap-east-1 |
| Asia Pacific (Hyderabad) | ap-south-2 |
| Asia Pacific (Jakarta) | ap-southeast-3 |
| Asia Pacific (Kuala Lumpur) | ap-southeast-5 |
| Asia Pacific (Melbourne) | ap-southeast-4 |
| Asia Pacific (Mumbai) | ap-south-1 |
| Asia Pacific (Osaka) | ap-northeast-3 |
| Asia Pacific (Seoul) | ap-northeast-2 |
| Asia Pacific (Singapore) | ap-southeast-1 |
| Asia Pacific (Sydney) | ap-southeast-2 |
| Asia Pacific (Tokyo) | ap-northeast-1 |
| Canada (Central) | ca-central-1 |
| Europe (Frankfurt) | eu-central-1 |
| Europe (Ireland) | eu-west-1 |
| Europe (London) | eu-west-2 |
| Europe (Milan) | eu-south-1 |
| Europe (Paris) | eu-west-3 |
| Europe (Spain) | eu-south-2 |
| Europe (Stockholm) | eu-north-1 |
| Europe (Zurich) | eu-central-2 |
| Israel (Tel Aviv) | il-central-1 |
| Middle East (Bahrain) | me-south-1 |
| Middle East (UAE) | me-central-1 |
| South America (São Paulo) | sa-east-1 |

Each AWS service within a region has a specific endpoint that follows a standardized URL pattern: https://service-code.region-code.amazonaws.com. For example, the Amazon S3 endpoint for the US East (N. Virginia) region is https://s3.us-east-1.amazonaws.com.

For a comprehensive list of AWS service endpoints by region, including new regions as they are created over time, refer to the AWS Service Endpoints documentation.
