This document provides information on how base Service Workbench on AWS is customised and what each customised file accomplishes.
The folder structure under the src folder is similar to
SWB's folder structure to enable easy overwrite of files
during deployment process.
To enable RDP capability from Linux workspaces, a new connection type named
customrdp is introduced to handle RDP connection for Linux based workspaces
seperately from the RDP connection for Windows workspaces.
UI is customised for a similar experince for RDP logins irrespective of the type of workspace. Code updates are here
Backend is updated to handle use of the new connection type customrdp.
Updates to backend can be found here
By default ec2-user is used as user-name for logging in. It is advised to ensure that this user
is configured and allows login through RDP for the custom workspaces.
The instance-id is used as default password for ec2-user and is setup during the
user-data script execution for Linux based desktop workspace.
To use the new connection type, update the workspace's cloudformation template output section. Refer this template for an example.
For any new custom Linux based workspaces, ensure JQ and FUSE are pre-installed in the base AMI.
The bootstrap script for Linux based workspaces is changed to enable auto-mounting of studies on GUI login.
The above steps can be used to enable new connection schemes for workspaces, example VNC or DCV.
The default on-boarding template for SWB is updated to allow use of Elastic AppStream fleet types.
In addition, changes are made to the UI form validations for onboarding an existing AWS account as hosting account.
Form validations for the SWB feature allowing to create a new AWS account to use as hosting account, are not changed. For Trusted Research Environment implementations, its expected that an existing account will always be used for hosting workspaces.
The user login simplification is dependent on
appstream application setup as outlined in the link.
The applications deployed by the treehoose-appstream-appbuilder add-on and the application names
specifically are important for this customisation to work.
Below are the simplifications done for different type of connections:
- RDP - launches Remmina application with a preset connection file. The connection
file is created using the information provided in the session context for AppStream.
By default the context information contains, private IP address of workspace, connection scheme
and username. You can optionally include password by setting
ENABLE_PASSWORD_SHAREflag totruein this file. - SSH - automatically launches
terminaland starts a helper script. The user needs to paste their private key. User-name and connection IP address are picked from session context and an ssh session is automatically established. - HTTP - automatically launches firefox in
kioskmode when AppStream session starts. User only needs to copy paste the SageMaker notebook url. The SageMaker notebook url is updated to launch the Jupyter lab as a default.Url can not be passed in context info for the AppStream session as it breaches 1000 character limit.