问题
I have a simple question which I don't think has a simple answer.
I would like to use Amazon Workspaces but a requirement would be that I can restrict the IP addresses that can access a or any workspace.
I kind of get the impression this should be possible through rules on the security group on the directory, but I'm not really sure, and I don't know where to start.
I've been unable to find any instructions for this or other examples of people having done this. Surely I'm not the first/only person to want to do this?!
Can anyone offer any pointers??
回答1:
Based on the Comments given by the @Mayb2Moro; he obtained information from AWS Support that the restriction based on the Security Group or VPC wouldn't be possible as the Workspaces connectivity would go via. another external endpoint [management interface in the backend].
Yes you are right, you need to work on the security group configured while the workspace is setup. The process goes like this,
- Pick the security group used while the Workspace bundle was created
- Go to the EC2 -> Security Group and select the security group and restrict them to your Office's Exit IP.
PS : Image Source - http://www.itnews.com.au/Lab/381939,itnews-labs-amazon-workspaces.aspx
回答2:
Now you can assign IP Access Control Groups to a Directory that is associated to your workspaces.
In the IP Access Control Group, you can specify the IPs that you wish to allow access to the workspaces.
Refer to the IP Access Control Groups for Your WorkSpaces for the official documentation.
来源:https://stackoverflow.com/questions/28246194/restrict-access-to-amazon-workspace-by-ip-address