virtualBonzo “Lab Spotlight” – AppStream SaaS Portal

As part of a potential new “segment” to the site, we thought it may be fun to share with you those labs and/or workshops that we have found to be interesting. Thus the “Lab Spotlight” is born!

If you look through the history of the site, you’ll find several posts regarding Amazon AppStream, AWS’s fully managed, non-persistent desktop and application streaming service. On a recent call, a customer said/asked, “I have deployed AppStream and would like to be able to provide users, whom I don’t manage, access to streaming applications. Is this possible?”

The answer….you’ve probably guessed by now, but I’m not going to tell you as I hope finding the answer for yourself will serve as the motivation to dig into the workshops and posts detailed below.

Creating your own AppStream 2.0 SaaS Portal

  • The AWS Workshop: Create a SaaS Portal with Amazon AppStream 2.0
    • Though you will work with S3 and SES, this workshop focuses mainly on Amazon Cognito, the API Gateway, Lambda, and AppStream.
    • The main page for this workshop does provide a CloudFormation template (CFT) to deploy its reference architecture. If you are familiar with the AWS services mentioned above it may be preferable to use the CFT but for me personally, the first time I completed the workshop, I performed the manual steps so as to understand what the CFT is doing “behind the scenes”.
    • To complete the workshop, you’ll need:
      • an AWS account
      • an AppStream 2.0 image, fleet, and stack
      • at least one test email address
  • To expand the environment to add SAML authentication to the SaaS portal, check out the Adding SAML authentication to an Amazon AppStream 2.0 SaaS Portal post.
    • This post will walk you through the steps necessary to setup SAML authentication with your AppStream SaaS Portal though it focuses on using AWS SSO as the SAML Identify Provider (IdP).
    • In my testing however, I wanted to use my Okta developer account as the IdP, thus under the Step 2 section of the referenced post, I did not do the (13) step procedure that begins with “Open the AWS SSO console”, but instead performed the steps needed to use Okta as the IdP. If you wish to do the same, I believe you will find the following AWS Knowledge Center article invaluable: How do I set up Okta as a SAML identity provider in an Amazon Cognito user pool?
    • To integrate SAML with your AppStream SaaS Portal, you’ll need:
      • To complete the Create a SaaS Portal with Amazon AppStream 2.0 workshop
      • Access to AWS SSO
      • Or if testing with Okta as the IdP, an Okta developer account

I believe that should do it for this edition of virtualBonzo’s lab spotlight. I hope you find it useful and have as much fun working through it as I did….happy labbing everyone!!

Leave a Reply

Your email address will not be published. Required fields are marked *