Internet Access for WorkSpaces Pools
If your WorkSpaces in WorkSpaces Pools require internet access, you can enable it in several ways. When you choose a method for enabling internet access, consider the number of users your deployment must support and your deployment goals. For example:
-
If your deployment must support more than 100 concurrent users, configure a VPC with private subnets and a NAT gateway.
-
If your deployment supports fewer than 100 concurrent users, you can configure a new or existing VPC with a public subnet.
-
If your deployment supports fewer than 100 concurrent users and you are new to WorkSpaces Pools and want to get started using the service, you can use the default VPC, public subnet, and security group.
The following sections provide more information about each of these deployment options.
-
Configure a VPC with Private Subnets and a NAT Gateway (recommended) — With this configuration, you launch your WorkSpaces Pools builders in a private subnet and configure a NAT gateway in a public subnet in your VPC. Your streaming instances are assigned a private IP address that is not directly accessible from the internet.
In addition, unlike configurations that use the Default Internet Access option for enabling internet access, the NAT configuration is not limited to 100 WorkSpaces in WorkSpaces Pools. If your deployment must support more than 100 concurrent users, use this configuration.
You can create and configure a new VPC to use with a NAT gateway, or add a NAT gateway to an existing VPC.
-
Configure a New or Existing VPC with a Public Subnet — With this configuration, you launch your WorkSpaces Pools in a public subnet. When you enable this option, WorkSpaces Pools uses the internet gateway in your Amazon VPC public subnet to provide the internet connection. Your streaming instances are assigned a public IP address that is directly accessible from the internet. You can create a new VPC or configure an existing one for this purpose.
Note
When you configure a new or existing VPC with a public subnet, a maximum of 100 WorkSpaces are supported in WorkSpaces Pools. If your deployment must support more than 100 concurrent users, use the NAT gateway configuration instead.
-
Use the Default VPC, Public Subnet, and Security Group — If you are new to WorkSpaces Pools and want to get started using the service, you can launch your WorkSpaces Pools in a default public subnet. When you enable this option, WorkSpaces Pools uses the internet gateway in your Amazon VPC public subnet to provide the internet connection. Your streaming instances are assigned a public IP address that is directly accessible from the internet.
Default VPCs are available in Amazon Web Services accounts created after 2013-12-04.
The default VPC includes a default public subnet in each Availability Zone and an internet gateway that is attached to your VPC. The VPC also includes a default security group.
Note
When you use the default VPC, public subnet, and security group, a maximum of 100 WorkSpaces are supported in WorkSpaces Pools. If your deployment must support more than 100 concurrent users, use the NAT gateway configuration instead.
