AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Aws appstream vs workspaces12/31/2023 For example, a data analyst can run an Amazon Redshift query via an ODBC driver, transpose and analyze data for reports needed by leadership. This reduces any rework or retraining on different tools. This allowed us to prevent users from accessing the environment outside of the corporate network, in addition to requiring multi-factor authentication before granting them access.ĪppStream 2.0’s use of the Microsoft Windows operating system enables us to provide our data analysts with familiar applications. To implement this solution, the project team used Amazon’s internal SAML provider as the entry point to AppStream 2.0. The following is an abbreviated diagram of this solution. AppStream 2.0 also provides our administrators with the ability to disable file transfer, printing, or copying and pasting, which prevents a user from bringing the highly sensitive data to their local machine. It ensures that our users are able to access the data only when connected to our corporate network. We would have had to build the servers, streaming gateways, consider the benefits and drawbacks of third-party VDI solutions, and manage it ourselves.Īmazon’s use of AppStream 2.0 for our COVID-19 project provides our data scientists and data analysts access to isolated data in a secure manner. Building a VDI (virtual desktop infrastructure) environment using EC2 would have taken considerably longer. Once settled on AppStream 2.0, Amazon was able to sketch out and validate this solution in a matter of a week. In addition, its native auditing capabilities enabled Amazon to easily meet its security auditing requirements.Īnd finally, the use of automatic scaling enabled Amazon to build a cost-effective solution, with the environment automatically scaled down when not in use. This satisfied one of the important security requirements. It enabled our administrators to curate the experience for our data scientists and data analysts, and reduced the effort involved in deploying updates.įurthermore, AppStream 2.0’s ability to assert IAM roles through instance profiles, enabled us to provide access to AWS Services without the need for access and secret keys. AppStream 2.0 is built on AWS, so you benefit from a data center and network architecture designed for the most security-sensitive organizations.īeing a non-persistent solution, and with an image-based approach to managing application updates and operating system patches, AppStream 2.0 met our needs best. You can easily scale to any number of users across the globe without acquiring, provisioning, and operating hardware or infrastructure. You centrally manage your desktop applications on AppStream 2.0 and securely deliver them to any computer. What is Amazon AppStream 2.0?Īmazon AppStream 2.0 is a fully managed non-persistent application and desktop streaming service. In addition, it could increase performance by placing the tools closer to the data.Īmazon had to choose between building a solution on Amazon Elastic Compute Cloud, or using AWS Managed Services such as Amazon AppStream 2.0 or Amazon WorkSpaces. This would allow for increased security, by isolating the working environment of Amazon’s data scientists and data analysts. With VDI, only the pixels of the data are streamed to the users, while the data itself never leaves the environment. To provide access to this environment, Amazon leaned towards Virtual Desktop Infrastructure (VDI) as a solution. Comprehensive auditing of user activities.Data can’t leave the isolated environment, including through copying and pasting, or printing.Access only allowed when connecting from a corporate device and on the corporate network.Access limited only to analytic interfaces via IAM roles.No direct access to raw data including administrators of the environment.All data must be stored in an isolated environment with no internet access.The architecture for this solution had to meet the following security requirements: On the one hand you must secure, anonymize and isolate your data, while on the other you have to expose it to its intended consumers. The challenge with building such a data lake is its competing requirements. That led Amazon to build a secure data lake to store highly sensitive data, and a global scale, resilient analytics environment. Forecasting required the construction of interactive reports and machine learning models. To supplement these safety measure initiatives, Amazon had to forecast the spread and risk of COVID-19 at Amazon sites. This included canceling large events, moving stakeholder meetings online, and pausing tours of fulfillment centers.Īs of this post, Amazon has continued to invest more than $8 billion in COVID-19 safety measures. On February 28th 2020, due to the COVID-19 pandemic, Amazon announced that we had taken steps to protect the health of our employees and communities.
0 Comments
Read More
Leave a Reply. |