Prepare AWS

To assist with the smooth integration of your AWS platform with the HyWorks Controller, use the following references:

• Supported Feature Matrix

• Pre-requisites

• Configure Controller for Domain Account Authentication in Proxy server

• Desktop Operation Support

• Limitation with AWS Handler

• Special Configurations for Multi-availability Zone

Supported Feature Matrix

Feature	Sub Feature Category	Sub Feature	AWS
Deploy pool with existing VMs	-	-	Yes
Desktop VM Provisioning	Clone Type	Linked Clone	Not Applicable
		Full Clone	Yes
	Clone from Snapshot	-	No
	Disk persistence	Persistent VM Deployment	Yes
		Non-persistent VM Deployment	No
		Enable DVM Reset	No
		Deployment Setting	Only resource group, not Location
		Customization	Both (Sysprep and Hyprep)
		IP Address Filter	Yes
		Shared hosted desktop provisioning and automated deployment	Yes
		Automated power management and scaling	Yes
Desktop Power Operations	-	-	Yes
Operating Systems Support on Provider	Windows Desktops	Windows 7	Yes
		Windows 8.1	Yes
		Windows 10	Yes
		Windows 11	Yes
	Windows Servers	Windows Server 2008 R2	Yes
		Windows Server 2012 R2	Yes
		Windows Server 2016	Yes
		Windows Server 2019	Yes
		Windows Server 2022	Yes
	Linux Desktops	CentOS 7	Yes
		Ubuntu 16.04/1	Yes
		Ubuntu 18.04/1	Yes
		Ubuntu 20.04/1	Yes
		RHEL v7.9	Yes

Pre-requisites

1. AWS Account ID: The AWS Account ID is the unique identifier of an account created and granted as an IAM User.

2. AWS Secret Key: An AWS secret is a password known only to your IAM User. It protects your resources by granting tokens only to authorized requestors.

3. AWS Access ID: The Access Key ID is part of Access keys, which are long-term credentials for an IAM user. The AWS Secret Key and AWS Access ID together form the Access keys.

4. Region: The region is a physical location worldwide where virtual Desktops will be stored.

Configure AWS IAM User

• To configure an AWS IAM Identity and Access Management user, follow these steps:

  Step 1. Login to AWS Management Console.

  • Go to the AWS Management Console.

  • Log in with your root account or an IAM user with the necessary permissions.

  Step 2. Navigate to IAM.

  

  Step 3: Create a New IAM User

  • In the left navigation pane, click on Users.

  

  • Click on the Create user button at the top right of the page.

  

  • Specify the User Name and click on Next.

  • For Example:

    • Username: hyworks_aws

      

    Note

    If you create programmatic access through access keys, you can generate them after creating this IAM user. Learn more

  • On the screen below, select the Attached policy directly option and add the permission policies below.

Name	Type	Used as
AmazonEC2FullAccess	AWS managed	Permissions policy
AWSConnector	AWS managed	Permissions policy
ResourceGroupsandTagEditorFullAccess	AWS managed	Permissions policy

• Set permissions boundary - optional and then Select Next.

• Review and create.

• Add a new tag, which is optional, and then select Create User.

  

• Select View user.

  

  • Click on Create Access Key to create a new Access Key.

  Note

  To view or use the existing one, go to the Security Credential tab if it has already been created.

  

  • Select Other and click on Next.

  

  • Set the Description tag, which is optional, and click on Create Access Key.

  

  • Retrieve access keys, Download the .csv file, and click Done.

  

  • Summary of Access Key

  

  Note

  • The downloaded CSV will contain the Access Key ID and Secret Access Key. HyWorks controller required a Secret access key to connect to AWS.

  • Internet Access is required on the HyWorks Controller to connect to AWS.

Step 4: Log in to HyWorks Controller and Go to Settings > Configure > Connector > Add.

• Click on Add.

• Add AWS Details, select the Region where Gold VM is located, and click on Test Connection. Once the Session Provider is reachable. Click on Add to continue.

• Wait for the synchronization. Once completed, the AWS connector status will be green and Reachable. The desktop counts are shown below.

• To create a New VDI/SHD Pool, Go to VDI > Pools > Add Desktop Pool, Add the required details, and select Session Provider as AWS_production-Subscription, which was added in previous steps.

Note

As shown above, the session provider's name can be set per requirement.

• Go to Deployment Tab Select a Source VM, click on Browse Gold/Master Image

Note

Gold Image VDI/SHD needs to be pre-created before provisioning new VMS from Gold/Master image using HyWorks Controller.

• A list of VMs will be shown; select the correct GOLD/Master Image and click OK.

Note

• If the VM is powered on, it will be powered off to clone the VM from Gold/Master Image, and then click OK.
• Ensure that Session Host Software on SHD and DVM tools on VDI are installed on Gold/master Image.
• Ignore DVM status. If Gold/Master Image is powered off and the required software/tools are installed, ignore it and click on continue. Press OK and continue.

• Click Next once the Gold/Master image is selected, and go to Customization.

• Add the required details on the upcoming screen and click on Finish.

• Once Cloning is completed, the new VDI/SHD will be listed in Pools.

For more information, refer to Create an IAM user in your AWS account

Configure Controller for Domain Account Authentication in Proxy server

Note

If the Internet is not available directly, then follow the below steps to configure the Internet via Proxy Servers for HyWorks Controller.

Make the following configurations in the Controller when configuring the proxy server on the Controller and the AWS-based Desktop Provider is being used.

• Install the controller service using this account (not the Local System account)

  • The account should be configured as "Logon as Service."
  • Configuration can be done at the time of installation or later.
  • The specified account will be used to authenticate through the proxy server.
  • Whitelist URLs are mentioned above.

  

  Fig: Configuration post-installation

• Verify the above configuration in the HyWorks controller:

x:\Program Files (x86)\Accops\HyWorks\Service\EDC.Service.exe.config

Fig: Configuration file change

Note

• A relogin is needed to apply the changes mentioned above.

Desktop Operation Support

Operation	Support	Status on AWS	Status on HyWorks
Power On	Yes	Powered On	Powered On
Power Off	Yes	powered Off	powered Off
Shutdown	Yes	powered Off	powered Off
Restart	Yes	Restart	Restart
Reset	No	-	-
Refresh (Desktop Information on HyWorks)	Yes	-	Update VM details, call the DVM agent
Re-Create (single VM from Desktop VMs page)	Yes	-	-

Limitation with AWS Handler

• Change the Location (the current VM will be cloned in the source VM location)

• The Gold Master Disk should be a managed disk.

Multi-availability Zone Deployment Requirements

For fault tolerance, the customer may try to deploy HyWorks Controllers or its other components, e.g., session host servers or personal virtual desktops.

• HyWorks will not require any special configurations when being deployed in a distributed manner across availability zones.

• Appropriate port requirements for effective communication between HyWorks components must be maintained for deployments across different availability zones.