A set of AWS accounts were created which complied with UK Official Quickstart Architecture. The WorkSpaces were provisioned within a Management Account for which access was provided via an assumed role from a user security account. As part of this work, we also provided:
• Workspaces: Amazon WorkSpaces providing Windows Server 2016 (Windows 10 look and feel) desktops, secured behind AWS Managed Gateways and running Windows Defender (malware protection), Office (click-to-run), Sparx Enterprise Architect software and access to Atlassian tools including Jira and Confluence.
• Active Directory: Microsoft Active Directory running on Windows Server 2016, providing authentication services and group policies for servers and WorkSpaces. The Active Directory instances were protected by Sophos Server Central Protection Standard.
• Office 365: Existing Office 365 tenant providing collaboration services and Office 2016 Click-to-run.
• Amazon Relational Database Service (RDS) running MySQL supporting the EA Repository.
• VPC Peering from the Management network to the Production and Development delivery networks for seamless connectivity.
• Websense (Forcepoint) for Web filtering and protection against advanced web-based threats and data theft.