Curriculum Overview: AWS End-User Computing (EUC) Services
End-user computing services of Amazon AppStream 2.0, Amazon WorkSpaces, and Amazon WorkSpaces Secure Browser
Curriculum Overview: AWS End-User Computing (EUC) Services
This curriculum covers the three core AWS services designed to deliver desktop applications, full virtual desktops, and secure web access to users worldwide: Amazon AppStream 2.0, Amazon WorkSpaces, and Amazon WorkSpaces Secure Browser (formerly WorkSpaces Web).
Prerequisites
To successfully master these services, learners should possess the following foundational knowledge:
- Basic Cloud Concepts: Understanding of AWS Global Infrastructure (Regions and Availability Zones).
- Networking Fundamentals: Familiarity with Virtual Private Clouds (VPCs), subnets, and the difference between public and private internet access.
- Identity Management: Basic understanding of how users are authenticated (e.g., AWS IAM or Microsoft Active Directory).
- Operating System Basics: Familiarity with Windows and Linux desktop environments.
Module Breakdown
| Module | Focus Area | Difficulty |
|---|---|---|
| 1. Virtual Desktop Infrastructure (VDI) | Amazon WorkSpaces: Persistent cloud desktops. | Intermediate |
| 2. Application Streaming | Amazon AppStream 2.0: Non-persistent application delivery. | Intermediate |
| 3. Secure Web Access | Amazon WorkSpaces Secure Browser: Web-based internal access. | Beginner |
| 4. Solution Architecture | Choosing the right EUC service for specific business needs. | Advanced |
Module Objectives per Module
Module 1: Amazon WorkSpaces
- Identify the use cases for persistent desktops (e.g., developers, remote full-time employees).
- Differentiate between Windows and Linux WorkSpaces bundles.
- Understand the "Always-on" vs. "Auto-stop" billing models.
Module 2: Amazon AppStream 2.0
- Describe how AppStream 2.0 converts desktop applications into browser-based streams.
- Explain the benefits for resource-intensive software (e.g., CAD, 3D modeling).
- Evaluate the cost-efficiency of non-persistent vs. persistent environments.
Module 3: Amazon WorkSpaces Secure Browser
- Define the role of web-based isolation in security.
- Identify scenarios where VPN-less access to internal corporate websites is required.
- Understand how to eliminate the need for local client software.
Visual Anchors
Service Decision Flow
Use the following flowchart to determine which service aligns with specific user requirements.
Conceptual Architecture
Below is a high-level view of how users connect to these services via the AWS Cloud.
Examples & Use Cases
Amazon WorkSpaces
- Scenario: A financial firm hires 50 remote contractors who need access to sensitive internal software and a full Windows environment.
- Benefit: The company provides a persistent desktop where files are saved even after logout, ensuring data never leaves the AWS cloud.
Amazon AppStream 2.0
- Scenario: A university teaches a class on AutoCAD, but students only have low-powered Chromebooks.
- Benefit: The university streams the resource-intensive AutoCAD application from AWS, allowing students to run it smoothly in a browser.
Amazon WorkSpaces Secure Browser
- Scenario: Employees need to access the company's internal HR portal while traveling, without using a complex VPN.
- Benefit: Users access the portal through a secure web session that isolates the internal site from the public internet.
[!IMPORTANT] Unlike WorkSpaces, AppStream 2.0 is generally non-persistent, meaning user data is wiped at the end of a session unless specifically configured with external storage like Amazon S3 or Google Drive.
Success Metrics
To confirm mastery of this curriculum, a learner should be able to:
- Select the correct service for a scenario involving high-end GPU requirements (AppStream 2.0).
- Identify which service eliminates the need for a VPN for internal web apps (Secure Browser).
- Explain why Amazon WorkSpaces is suitable for a "Bring Your Own Device" (BYOD) corporate policy.
- Compare the management overhead of virtual desktops versus physical hardware maintenance.
Real-World Application
Workforce Mobility
In the modern economy, EUC services are the backbone of Remote Work and Hybrid Offices. Companies no longer need to ship expensive laptops to employees; they can simply provide login credentials to a secure cloud desktop.
Security & Compliance
EUC services provide a "walled garden." For industries like healthcare and legal, keeping sensitive data inside the AWS VPC—rather than on a user's physical hard drive—is a critical component of passing audits and maintaining HIPAA or GDPR compliance.
Career Alignment
- Cloud Architect: Designing the infrastructure to support thousands of virtual users.
- IT Support Specialist: Managing user bundles, image updates, and connectivity troubleshooting.
- Security Engineer: Implementing web-isolation policies to prevent data exfiltration.