Figuring out how to do Amazon Workspaces using a Zero Client with DOD CAC smartcard auth
- Make an `iac/terraform.tfvars` file with your values
- Apply the terraform code

  ```sh
  cd iac
  terraform init
  terraform apply
  ```
- The Windows EC2 instance for Active Directory does not have a public IP address or port 3389 open for security reasons. To RDP to it you have to use `aws ssm start-session` to set up port forwarding, then you can RDP to `localhost:<theport>`.

  ```sh
  aws ssm start-session --target <TheInstanceID> --document-name AWS-StartPortForwardingSession --parameters "localPortNumber=54321,portNumber=3389" --region <TheRegion>
  ```
- The DSRM password is visible in the user data script. It should be set some other way.
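
One way to keep the DSRM password out of user data, as an added example that is not this repo's code: the user data script reads it from an SSM Parameter Store SecureString at boot. The parameter name, the domain name, and the use of `Install-ADDSForest` for promotion are assumptions.

```powershell
# Added example (not from this repo). Assumptions: the parameter name and the
# domain name below are hypothetical; the instance profile allows
# ssm:GetParameter on that parameter and kms:Decrypt on its key.
$ErrorActionPreference = 'Stop'

$ParameterName = '/example/ad/dsrm-password'   # hypothetical SecureString parameter
$DomainName    = 'corp.example.internal'       # hypothetical AD domain name

# AWS Tools for PowerShell: fetch and decrypt the SecureString at boot,
# so the secret never appears in the user data text itself.
$param = Get-SSMParameter -Name $ParameterName -WithDecryption $true
if ([string]::IsNullOrWhiteSpace($param.Value)) {
    throw "Parameter $ParameterName is empty; refusing to promote."
}

# Install-ADDSForest takes the DSRM password as a SecureString.
$dsrm = ConvertTo-SecureString -String $param.Value -AsPlainText -Force
Remove-Variable param   # drop the variable holding the plaintext value

Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Install-ADDSForest -DomainName $DomainName `
    -SafeModeAdministratorPassword $dsrm `
    -InstallDns -Force
```

With this in place the Terraform code only needs to pass the parameter name to the instance; creating the parameter value outside Terraform also keeps it out of the state file.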