
AWS Service Endpoints

AWS Service Endpoints are URLs that enable network connectivity between AWS services and clients. They can be public (internet-accessible) or private (via AWS PrivateLink for secure VPC access).


Official information about AWS Service Endpoints & Quotas can be found here.

WorkSpaces Manager (WSM) requires connectivity to various AWS services to manage WorkSpaces effectively across multiple accounts. Below is a list of essential AWS service endpoints used by WSM:

1. Amazon S3

  • Purpose: Stores logs, configuration files, and cost optimization data.

  • Endpoint Pattern: s3.<region>.amazonaws.com

2. Amazon WorkSpaces

  • Purpose: Manages WorkSpaces lifecycle, including provisioning, starting, stopping, and termination.

  • Endpoint Pattern: workspaces.<region>.amazonaws.com

3. AWS Key Management Service (KMS)

  • Purpose: Encrypts WorkSpaces storage, backups, and sensitive data.

  • Endpoint Pattern: kms.<region>.amazonaws.com

4. Amazon AppStream 2.0 (if applicable)

  • Purpose: Supports streaming applications for users in place of traditional WorkSpaces.

  • Endpoint Pattern: appstream2.<region>.amazonaws.com

5. Amazon RDS (if applicable)

  • Purpose: Hosts the database backend for storing WSM-related metadata and configuration.

  • Endpoint Pattern: rds.<region>.amazonaws.com

6. AWS Directory Service

  • Purpose: Manages Active Directory connections for WorkSpaces authentication and policy enforcement.

  • Endpoint Pattern: ds.<region>.amazonaws.com

7. Amazon EC2

  • Purpose: Runs the WSM appliance instances and manages underlying infrastructure.

  • Endpoint Pattern: ec2.<region>.amazonaws.com

8. AWS Secrets Manager

  • Purpose: Securely stores credentials, API keys, and sensitive configuration details for WSM.

  • Endpoint Pattern: secretsmanager.<region>.amazonaws.com

Configuring Endpoints

Ensure that the necessary endpoints are accessible in your AWS environment, particularly in environments with strict network policies, such as private VPCs or on-premises setups.
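
The following is an added example, not part of the WorkSpaces Manager documentation or product: a Python check, intended to run from the subnet that hosts the WSM appliance, that expands the eight endpoint patterns listed above for one region, resolves each name and attempts a TCP connection on port 443. The function names and the sample region are assumptions of this example.

```python
import ipaddress
import socket

# Service codes from the endpoint patterns listed on this page.
WSM_SERVICES = ("s3", "workspaces", "kms", "appstream2",
                "rds", "ds", "ec2", "secretsmanager")


def wsm_endpoints(region):
    """Expand <service>.<region>.amazonaws.com for each service WSM calls."""
    return [f"{svc}.{region}.amazonaws.com" for svc in WSM_SERVICES]


def classify(addresses):
    """Label resolved IPs: 'private' suggests an interface VPC endpoint."""
    kinds = {"private" if ipaddress.ip_address(a).is_private else "public"
             for a in addresses}
    return kinds.pop() if len(kinds) == 1 else "mixed"


def probe(host, port=443, timeout=3.0,
          resolve=socket.getaddrinfo, connect=socket.create_connection):
    """Resolve host, then try TCP 443; resolve/connect are injectable for tests."""
    try:
        infos = resolve(host, port, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return {"host": host, "status": "dns-failure", "path": None}
    addresses = sorted({info[4][0] for info in infos})
    try:
        connect((host, port), timeout=timeout).close()
        status = "reachable"
    except OSError:  # refused, timed out, or no route
        status = "blocked"
    return {"host": host, "status": status, "path": classify(addresses)}


def check_region(region, **probe_args):
    """Probe every WSM endpoint in a region; return (failures, all results)."""
    results = [probe(h, **probe_args) for h in wsm_endpoints(region)]
    return [r for r in results if r["status"] != "reachable"], results


if __name__ == "__main__":
    # us-east-1 is only a sample; use the region(s) your WorkSpaces run in.
    failures, results = check_region("us-east-1")
    for r in results:
        print(f'{r["host"]:45} {r["status"]:12} {r["path"] or "-"}')
    raise SystemExit(1 if failures else 0)
```

A `private` path means the name resolved only to private addresses, as it does behind an interface (PrivateLink) endpoint with private DNS enabled. S3 reached through a gateway endpoint still resolves to public addresses, so `public` for that entry does not by itself mean the traffic leaves the VPC.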

Regions

AWS Region Endpoints are unique URLs specific to an AWS service within a particular region, enabling API requests to be directed to the correct regional infrastructure. They follow the format <service>.<region>.amazonaws.com.

AWS services are available across multiple regions worldwide, each identified by a unique code. Below is a list of AWS regions along with their corresponding codes:

| Region Name | Region Code |
| --- | --- |
| US East (Ohio) | us-east-2 |
| US East (N. Virginia) | us-east-1 |
| US West (N. California) | us-west-1 |
| US West (Oregon) | us-west-2 |
| Africa (Cape Town) | af-south-1 |
| Asia Pacific (Hong Kong) | ap-east-1 |
| Asia Pacific (Hyderabad) | ap-south-2 |
| Asia Pacific (Jakarta) | ap-southeast-3 |
| Asia Pacific (Kuala Lumpur) | ap-southeast-5 |
| Asia Pacific (Melbourne) | ap-southeast-4 |
| Asia Pacific (Mumbai) | ap-south-1 |
| Asia Pacific (Osaka) | ap-northeast-3 |
| Asia Pacific (Seoul) | ap-northeast-2 |
| Asia Pacific (Singapore) | ap-southeast-1 |
| Asia Pacific (Sydney) | ap-southeast-2 |
| Asia Pacific (Tokyo) | ap-northeast-1 |
| Canada (Central) | ca-central-1 |
| Europe (Frankfurt) | eu-central-1 |
| Europe (Ireland) | eu-west-1 |
| Europe (London) | eu-west-2 |
| Europe (Milan) | eu-south-1 |
| Europe (Paris) | eu-west-3 |
| Europe (Spain) | eu-south-2 |
| Europe (Stockholm) | eu-north-1 |
| Europe (Zurich) | eu-central-2 |
| Israel (Tel Aviv) | il-central-1 |
| Middle East (Bahrain) | me-south-1 |
| Middle East (UAE) | me-central-1 |
| South America (São Paulo) | sa-east-1 |

Each AWS service within a region has a specific endpoint that follows a standardized URL pattern: https://service-code.region-code.amazonaws.com. For example, the Amazon S3 endpoint for the US East (N. Virginia) region is https://s3.us-east-1.amazonaws.com.

For a comprehensive list of AWS service endpoints by region, including new regions as they are added over time, please refer to the AWS Service Endpoints documentation.