AWS WorkSpaces – Using AWS Systems Manager for Software Deployment

As part of our ongoing series about leveraging cloud native tools for managing cloud-based VDI workloads, this blog will focus on delivering applications using AWS Systems Manager.

AWS Systems Manager is a secure end-to-end management solution for hybrid cloud environments.

Here are some of the use cases for AWS Systems Manager.

• Centralize operational data. Aggregate data in a single console and gain actionable insights across AWS services such as Amazon CloudWatch, AWS CloudTrail, and AWS Config, as well as third-party tools.
• Automatically resolve application issues. Leverage operational data to easily manage applications and identify issues quickly across associated AWS resource groups.
• Implement best practices. Automate proactive processes such as patching and resource changes—as well as reactive processes—to quickly diagnose and remediate operational issues before they affect users.
• Remediate security events. Adapt your security and compliance profile and analyze security events after-the-fact to prevent a future re-occurrence.

(Big thanks to Troy Couch – Associate Director, EUC here at Entisys360 for the technical content below!)

Requirements

• This blog assumes you already deployed AWS WorkSpaces and have integrated Amazon CloudTrail and AWS CloudWatch
• NotePad++  is available on GItHub
• A secured S3 bucket for storing the application package

1. Browse to Services > Systems Manager
   
2. Select Node Management > Hybrid Activations
   Click Create an Activation
   
3. Enter a description
   Enter instance limit
   Select Create a System Default Command…
   Enter default instance name
   Click Create Activation
   
   
4. Copy Activation Code and Application ID in a temporary document for later use
   
5. View Activation details in Systems Manager
   
6. Logon to WorkSpaces and launch desktop
   
7. Open PowerShell and select Run as Administrator
   
8. Copy the following PowerShell commands to NotePad$code = “activation-code“
   $id = “activation-id“
   $region = “region“
   $dir = $env:TEMP + “\ssm”
   New-Item -ItemType directory -Path $dir -Force
   cd $dir
   (New-Object System.Net.WebClient).DownloadFile(“https://amazon-ssm-$region.s3.amazonaws.com/latest/windows_amd64/AmazonSSMAgentSetup.exe”, $dir + “\AmazonSSMAgentSetup.exe”)
   Start-Process .\AmazonSSMAgentSetup.exe -ArgumentList @(“/q”, “/log”, “install.log”, “CODE=$code”, “ID=$id”, “REGION=$region”) -Wait
   Get-Content ($env:ProgramData + “\Amazon\SSM\InstanceData\registration”)
   Get-Service -Name “AmazonSSMAgent”
9. Edit activation-code, activation-id and region (e.g. us-west-2) variables.
   
10. Copy and Paste commands into PowerShell
11. Confirm successful SSM Agent activation
12. Logoff WorkSpaces and return to AWS Console
13. Select Services > Systems Manager > Run a Command.
    Click Run a Command
    
14. Select the AWS-RunPowerShellScript document.
    
15. Copy the following text to deploy NotePad++
    function Install-Npp ($source = ($env:TEMP + “\SW”))
    {
    If (!(Test-Path -Path $source -PathType Container)) {New-Item -Path $source -ItemType Directory | Out-Null}$packages = @(@{title=’Notepad++ 7.8.6′;url=’https://github.com/notepad-plus-plus/notepad-plus-plus/releases/download/v7.8.6/npp.7.8.6.Installer.exe’;Arguments=’ /Q /S’;Destination=$source})[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12foreach ($package in $packages) {
    $packageName = $package.title
    $fileName = Split-Path $package.url -Leaf
    $destinationPath = $package.Destination + “\” + $fileNameIf (!(Test-Path -Path $destinationPath -PathType Leaf)) {
    Write-Host “Downloading $packageName”
    $webClient = New-Object System.Net.WebClient
    $webClient.DownloadFile($package.url,$destinationPath)
    }}foreach ($package in $packages) {
    $packageName = $package.title
    $fileName = Split-Path $package.url -Leaf
    $destinationPath = $package.Destination + “\” + $fileName
    $Arguments = $package.Arguments
    Write-Output “Installing $packageName”
    Invoke-Expression -Command “$destinationPath $Arguments”
    }}
    Install-Npp
16. Under Commands, paste the copied text above for NotePad++ installation
    
17. Select Choose instances manually
    Select the registered WorkSpaces Agent(s)
    Check Enable an S3 bucket
    Choose an S3 bucket name from the list
    Check Enable CloudWatch logs
    Click Run
    
    
18. Command will be executed and be complete within 5-10 minutes
    
19. Confirm Success in the Console
    
20. Logon to WorkSpaces and launch desktop
21. Open Start Menu and check for NotePad++
22. Open NotePad++
    
23. NotePad++ works!
    

Now you can leverage the cloud native AWS Systems Manager to create more application packages.

Please contact Entisys360 or your Entisys360 Account Executive, if you would like to learn more about integrating AWS WorkSpaces with other AWS services for a more cloud native VDI deployment.