Amazon AppStream 2.0 FAQs | Application Streaming FAQs Flashcards
Amazon AppStream 2.0 is the next-generation desktop application streaming service from AWS. Amazon AppStream was an SDK-based service that customers could use to set up their own streaming service with DIY engineering. AppStream 2.0 provides a fully managed streaming service with no DIY effort. AppStream 2.0 offers a greater range of instance types; streams desktop applications to HTML5-compatible web browsers with no plugins required; provides dual-monitor support on web browsers and 4-monitor, 4K monitor, and USB peripheral support through the AppStream 2.0 client for Windows. In addition, AppStream 2.0 simplifies application lifecycle management and lets your applications access services in your VPC.
Q: What's the difference between the original Amazon AppStream and Amazon AppStream 2.0?
No. You cannot use the original Amazon AppStream service. Amazon AppStream 2.0 offers a greater range of instance types, streams desktop applications with no rewrite, simplifies application lifecycle management, and allows your apps to access services in your VPC.
Q: Can I continue to use the original Amazon AppStream service?
Interactively streaming your application from the cloud provides several benefits:
Q: What are the benefits of streaming over rendering content locally?
Many types of applications work well as streaming applications, including CAD, CAM, CAE, 3D modeling, simulation, games, video and photo-editing software, medical imaging, and life sciences applications. These applications benefit most from streaming because the application runs on the vast computational resources of AWS, yet your users can interact with the application using low-powered devices, with very little noticeable change in application performance.
Q: Do some applications work better with Amazon AppStream 2.0 than others?
Yes. Amazon AppStream 2.0 supports most analog and USB microphones, including built-in microphones.
Q: Does Amazon AppStream 2.0 support microphones?
Yes. Amazon AppStream 2.0 supports most USB devices such as 3D mice through the Windows Client. All USB devices are disabled by default. Administrators can enable USB devices for their users.
Q: Does Amazon AppStream 2.0 support USB devices such as 3D mice?
Users enable audio input from the Amazon AppStream 2.0 toolbar by selecting the Settings icon and selecting Enable Microphone.
Q: How do users enable audio input in an Amazon AppStream 2.0 streaming session?
Most popular HTML5-compatible browsers support audio input in Amazon AppStream 2.0 sessions, including Chrome, Edge, and Firefox. Microsoft Internet Explorer 11 (IE11) does not support audio input, and the microphone option will not appear on the Amazon AppStream 2.0 toolbar in streaming sessions running in IE11.
Q: What browsers support audio input in an Amazon AppStream 2.0 session?
A user needs to have applications set up by an administrator, a modern web browser that can support HTML5, a broadband internet connection with at least 2 Mbps capability, and outbound access to the internet via HTTPS (443). For web-based AppStream 2.0 streaming sessions, up to two monitors are supported. To use up to four monitors, 4K monitors and USB peripherals such as 3D mice, users can download and use the AppStream 2.0 client for Windows.
Q: What does a user need to access applications streamed from Amazon AppStream 2.0?
The minimum system requirements are 2 GB of RAM and 150 MB of disk space.
Q: What are the system requirements for using the AppStream 2.0 Windows Client?
For browser-based streaming sessions, AppStream 2.0 supports the use of up to two monitors with a maximum display resolution of 2560x1440 pixels per monitor. The AppStream 2.0 client for Windows supports up to 4 monitors with a maximum display resolution of 2560x1440 pixels per monitor. For streaming sessions that are supported by the Graphics Design and Graphics Pro instance families, the AppStream 2.0 client also supports the use of up to 2 monitors with a maximum display resolution of 4096x2160 pixels per monitor.
Q: What monitor configurations are supported by the AppStream 2.0 Windows Client?
Users can download and install the Windows Client. To use USB peripherals, users need local administrator rights to install the AppStream 2.0 USB driver. You can remotely install the Windows Client using remote deployment tools like Microsoft System Center Configuration Manager (SCCM). Learn more in our documentation.
Q: How can I deploy the AppStream 2.0 Windows Client to my users?
Yes. Users can set the time zone, locale, and input method to be used in their streaming sessions to match their location and language preferences.
Q: Can users configure location and language settings for their applications?
Yes. Users who use the Windows Client and Google Chrome to access their streaming applications can copy and paste text between their local device and their streaming applications in the same way they copy and paste between applications on their local device - for example, using keyboard shortcuts. For other browsers, users can use the Amazon AppStream 2.0 web clipboard tool.
Q: Can users copy and paste between their local device and their Amazon AppStream 2.0 streaming applications?
No. Amazon AppStream 2.0 requires a sustained internet connection or network route to an AppStream 2.0 streaming VPC endpoint to access your applications.
Q: Can my Amazon AppStream 2.0 applications run offline?
Streaming resources: Amazon AppStream 2.0 launches and manages AWS resources to host your application, deploys your application on those resources, and scales your application to meet client demand.
Q: What does Amazon AppStream 2.0 manage on my behalf?
With CloudFormation, you can automate creating fleets, deploying stacks, adding and managing user pool users, launching image builders, and creating directory configurations alongside your other AWS resources.
Q. What resources can I create with AWS CloudFormation?
First, create an Amazon Virtual Private Cloud (Amazon VPC) endpoint in the same Amazon VPC as your AWS Direct Connect, AWS VPN, or other VPN tunnel. Then, specify the VPC endpoint when creating a new stack, modifying an existing one, or creating a new image builder. Your users will then use the VPC endpoint when they stream their applications. To learn more about the AppStream 2.0 streaming VPC endpoints, see Creating and Streaming From VPC Interface Endpoints in the AppStream 2.0 Administration Guide.
Q: How do I use my AWS Direct Connect, AWS VPN, or other VPN tunnel to stream my applications?
Yes. Visit Try Sample Applications for a low-friction, setup-free trial experience of the Amazon AppStream 2.0 service.
Q: Can I try sample applications?
You need an AWS account and a broadband Internet connection with at least 1 Mbps bandwidth to use Try It Now. You also need a browser capable of supporting HTML5.
Q: What do I need to start using Try It Now?
You won’t be charged any AWS fees for using Try It Now. However, you may incur other fees such as Internet or broadband charges to connect to the Try It Now experience.
Q: Will I be charged for using Try It Now?
Try It Now includes popular productivity, design, engineering, and software development applications running on Amazon AppStream 2.0 for you to try. To see the full list of available applications, go to the Try It Now catalog page after signing in with your AWS account.
Q: What applications can I use with Try It Now?
You can stream the applications included in Try It Now for up to 30 minutes. At the end of 30 minutes, your streaming session is automatically terminated and any unsaved data will be deleted.
Q: How long can I stream applications via Try It Now?
You can save files to your Amazon AppStream 2.0 session storage and download them to your client device before your streaming session ends. Your files are not saved when you disconnect from your Try It Now session, or when your session ends, and any unsaved data will be deleted.
Q: Can I save files within Try It Now?
Yes. You can submit a request to include your application in Try It Now. After your request is received, AWS usually reviews the request and responds within 10 business days.
Q: Can I submit an application to be included in Try It Now?
You can begin using Amazon AppStream 2.0 by visiting the AWS Management Console, or by using the AWS SDK. Visit Stream Desktop Applications for a 10 step tutorial.
Q: How do I get started with Amazon AppStream 2.0?
You need to create an Amazon AppStream 2.0 stack in your AWS account to start streaming applications to your users. A stack includes a fleet of Amazon AppStream 2.0 instances that executes and streams applications to end users. Each instance is launched using an Amazon AppStream 2.0 image containing your applications, and uses an instance type that you select for your fleet. To learn more about Amazon AppStream 2.0 resources, please visit this page.
Q: What resources do I need to set up to stream my applications using Amazon AppStream 2.0?
You can create an Amazon AppStream 2.0 image using Image Builder via the AWS Management Console. Image Builder allows you to install and test your applications just as you would with any Windows desktop, and then create an image. You can complete all the install, test, and creation steps for the image without leaving the console.
Q: How do I create an Amazon AppStream 2.0 image to import my applications?
Amazon AppStream 2.0 provides a menu of instance types for configuring a fleet or an image builder. You can select the instance type that best matches your applications and end-user requirements. You can choose from General Purpose, Compute Optimized, Memory Optimized, Graphics Design, Graphics Pro and Graphics G4 instance families.
Q: What instance types are available to use with my Amazon AppStream 2.0 fleet?
Yes. You can change your instance type after you have created a fleet. To change the instance type, you will need to stop the fleet, edit the instance type, and then start the fleet again. For more information, see Set up AppStream 2.0 Stacks and Fleets.
Q: Can I change an instance type after creating a fleet?
Yes, you can set default application settings for your users. This includes application connection profiles, browser settings, and installing plugins.
Q: Can I define default application settings for my users?
Yes. You can enable persistent application and Windows settings for your users on AppStream 2.0. Your users' plugins, toolbar settings, browser favorites, application connection profiles, and other settings will be saved and applied each time they start a streaming session. Your users' settings are stored in an S3 bucket you control in your AWS account.
Q: Can users save their application settings?
There is no additional AppStream 2.0 charge to use this feature. However, persistent user application settings are stored in an Amazon S3 bucket in your account, and you will be billed for the S3 storage used for your user’s settings data. See Amazon S3 pricing or Enable Application Settings Persistence for Your AppStream 2.0 Users for more information.
Q: Am I charged for persistent user application settings?
Enable Application Settings Persistence for Your AppStream 2.0 Users
Q: Is there a limit to the file size of my users' persistent application settings?
Q: How are my users' application settings secured? Your users' application settings are encrypted in transit to the S3 bucket in your account using Amazon S3's SSL endpoints. Your users' application settings are encrypted at rest using S3-managed encryption keys.
Q: Will my users' application settings persist across stacks?
Q: Can I dynamically entitle users to apps? Yes, you can use the dynamic app framework APIs to build a dynamic app provider that specifies what apps users can launch at run-time. The apps provided can be virtualized apps that are delivered from a Windows file share or other storage technology. To learn more, see Manage App Entitlement with the Dynamic App Framework.
Q: How are my users' application settings secured?
You can use Amazon AppStream 2.0 Image Builder to create images with your own applications. To learn more, please visit the tutorial found on this page.
Q: How can I create images with my own applications?
Amazon AppStream 2.0 streams applications that can run on the following 64-bit OS versions - Windows Server 2012 R2, Windows Server 2016 and Windows Server 2019. You can add support for 32-bit applications by using the WoW64 extensions. If your application has other dependencies, such as the .NET framework, include those dependencies in your application installer.
Q: With which operating system do my apps need to be compatible?
You can install any tools, including anti-virus programs on your AppStream 2.0 image. However, you need to ensure that these applications do not block access to the AppStream 2.0 service. We recommend testing your applications before publishing them to your users.
Q: Can I install anti-virus software on my Amazon AppStream 2.0 image to secure my applications?
Any changes that are made to the image using Image Builder through local group policies will be reflected in your AppStream 2.0 images. Any customizations made with domain based group policies can only be applied to domain joined fleets.
Q: Can I customize the operating system using group policies?
AppStream 2.0 regularly releases base images that include Microsoft Windows operating system updates and AppStream 2.0 agent updates. The AppStream 2.0 agent software runs on your streaming instances and enables your users to stream applications. When you create a new image, the Always use latest agent version option is selected by default. When this option is selected, any new image builder or fleet instance that is launched from your image will always use the latest AppStream 2.0 agent version. If you deselect this option, your image will use the agent version you selected when you launched the image builder. Windows operating system updates are released only through base images. To keep your operating system updated in your images, you need to rebuild your images using the latest AWS base image.
Q: How will my Amazon AppStream 2.0 images be updated with updates from the AppStream 2.0 service?
You will need to create new AppStream 2.0 images to apply Windows updates. To do this, you can create a new image builder instance from an existing image, apply Microsoft updates, and create a new image. Existing streaming instances will be replaced with instances launched from the new image within 16 hours or immediately after users have disconnected from them, whichever is earlier. You can immediately replace all the instances in the fleet with instances launched from the latest image by stopping the fleet, changing the image used, and starting it again.
Q: How will my Amazon AppStream 2.0 images be updated with Windows updates from Microsoft?
Yes. Amazon AppStream 2.0 allows you to launch streaming instances (fleets and image builders) in your VPC, which means you can control access to your existing resources from your AppStream 2.0 applications. For more information, see Network Settings for Fleet and Image Builder Instances.
Q: Can I connect my Amazon AppStream 2.0 applications to my existing resources, such as a licensing server?
Yes. You can share your AppStream 2.0 application images with other AWS accounts within the same AWS Region. You control the shared image and can remove it from another AWS account at any time. To learn more, visit Administer Your Amazon AppStream 2.0 Image
Q: Can I share application images with other AWS Accounts?
You maintain full privileges to the application image. You can share the image with other AWS accounts, granting them permission to either create image builders, use for fleets, or both. These permissions can later be revoked. However, if you granted the destination AWS account permission to create image builders, you will not be able to revoke access to the image builders or images they create from your image.
Q: What permissions can I give other AWS accounts when I share my application image(s) with them?
Yes. You control the image. In order to delete the image, you will first have to stop sharing the image from all AWS accounts you shared it with. The AWS accounts you shared the image with will no longer see the image in their Image Registry, and will be unable to select it for new or existing fleets. Existing streaming instances in the fleets will continue to stream applications, but the fleet will terminate existing unused instances. If you originally granted permissions for creating image builders, they will be unable to create new image builders from it, but existing ones will continue to work. Images in the destination account created from image builders from the shared image will continue to work.
Q: If I share an application image with another AWS account, can I delete it or remove permissions?
Yes. Amazon AppStream 2.0 offers Graphics Design, Graphics Pro and Graphics G4 instance families.
Q: Does Amazon AppStream 2.0 offer GPU-accelerated instances?
Amazon AppStream 2.0 offers two fleet types: Always-On and On-Demand. Always-On fleet instances are in a running state, even if no users are connected. This is best when your users need high availability and instant access to their applications. On-Demand fleet instances don’t start until a user connects to an instance within the fleet. This fleet type is best when your users can wait up to 2 minutes to start their applications, and for streaming applications that have sporadic use.
Q: What types of fleets are available with Amazon AppStream 2.0?
You can only specify the fleet type when you create a new fleet, and you cannot change the fleet type once the fleet has been created.
Q: Can I switch my Amazon AppStream 2.0 Always-On fleet to On-Demand or vice versa?
Always-On fleets are best for when your users need high availability and instant access to their applications. On-Demand fleet instances don’t start until a user connects to an instance within the fleet, and are best for when your users can wait up to 2 minutes to start their applications, and for streaming applications that have sporadic use.
Q: What are the benefits to Always-On and On-Demand fleets for Amazon AppStream 2.0?
Amazon AppStream 2.0 streams applications that can run on the following 64-bit OS versions - Windows Server 2012 R2, Windows Server 2016 and Windows Server 2019. You can add support for 32-bit applications by using the WoW64 extensions. If your application has other dependencies, such as the .NET framework, include those dependencies in your application installer.
Q: What server operating system is supported?
Please refer to the AWS Regional Products and Services page for details of Amazon AppStream 2.0 service availability by region
Q: Which AWS regions does Amazon AppStream 2.0 support?
Amazon AppStream 2.0 provides a menu of instance types for configuring a fleet. You can select the instance type that best matches your applications and end-user requirements. You can choose from General Purpose, Compute Optimized, Memory Optimized, Graphics Design, Graphics Desktop, or Graphics Pro instance families.
Q: What instance types are available to use with my Amazon AppStream 2.0 fleet?
Amazon AppStream 2.0 supports fixed and dynamic scaling policies. Use a fixed scaling policy to keep a constant number of Amazon AppStream 2.0 instances and users who can start a streaming session. Use a dynamic scaling policy to scale based on the use of Amazon AppStream 2.0 instances in your environment.
Q: What scaling policy does Amazon AppStream 2.0 support?
A Fleet Auto Scaling policy is a dynamic scaling policy that allows you to scale the size of your fleet to match the supply of available instances to user demand. You can define scaling policies that adjust the size of your fleet automatically based on a variety of utilization metrics, and optimize the number of running instances to match user demand.
Q: What is an Amazon AppStream 2.0 Fleet Auto Scaling policy?
You can create automatic scaling policies from the Fleets tab in the AppStream 2.0 console, or by using the AWS SDK.
Q: How can I create auto scaling policies for my Amazon AppStream 2.0 fleet?
You can use the following metrics to build your Fleet Auto Scaling policies:
Q: Which Amazon AppStream 2.0 CloudWatch metrics can I use to build Fleet Auto Scaling policies?
Yes. You can have up to 50 Fleet Auto Scaling policies associated with a single fleet. Each policy allows you to set a single criterion and action for resizing your fleet.
Q: Can my Amazon AppStream 2.0 fleet have more than one associated Fleet Auto Scaling policy?
You can set your Fleet Auto Scaling policies to scale in to zero instances. Scaling policies associated with your fleet decrease fleet capacity until it reaches your defined minimum, or the default setting of one if you haven’t set a minimum. For more information, please see Fleet Auto Scaling for Amazon AppStream 2.0.
Q: What is the minimum size I can set for my Amazon AppStream 2.0 fleet when using Fleet Auto Scaling policies?
Fleet Auto Scaling policies increase fleet capacity until it reaches your defined maximum size or until service limits apply. For more information, please see Fleet Auto Scaling for Amazon AppStream 2.0. For service limit information, please see Amazon AppStream 2.0 Service Limits.
Q: What is the maximum size I can set for my Amazon AppStream 2.0 fleet when using Fleet Auto Scaling policies?
There are no charges for using Fleet Auto Scaling policies. However, each CloudWatch alarm that you create and use to trigger scaling policies for your AppStream 2.0 fleets may incur additional CloudWatch charges. For more information, see Amazon CloudWatch Pricing.
Q: Are there additional costs for using Fleet Auto Scaling policies with Amazon AppStream 2.0 fleets?
Yes. Amazon AppStream 2.0 offers multiple options for persistent file storage to allow users to store and retrieve files between their application streaming sessions. You can use a home folder backed by Amazon S3, Google Drive for G Suite, or Microsoft OneDrive for Business. Each of these is accessed from the my files tab within an active AppStream 2.0 streaming session, and content can be saved or opened directly from the File menu in most apps.
Q: Does Amazon AppStream 2.0 offer persistent storage so that I can save and access files between sessions?
Enable and Administer Google Drive for Your AppStream 2.0 Users
Google Drive for G Suite
Enable and Administer OneDrive for Your AppStream 2.0 Users
Microsoft OneDrive for Business
Users can access a home folder during their application streaming session. Any file they save to their home folder will be available for use in the future. They can also connect their G Suite account to access Google Drive and connect their Microsoft OneDrive for Business account to access OneDrive within AppStream 2.0. New files added or changes made to existing files within a streaming session are automatically synced between AppStream 2.0 and their persistent storage options.
Q: How do users access persistent storage from their Amazon AppStream 2.0 sessions?
Yes. You can enable Home Folders, Google Drive for G Suite, and Microsoft OneDrive for Business. To optimize your internet bandwidth, create a VPC endpoint for Amazon S3 and authorize AppStream 2.0 to access your VPC endpoint. This routes Home Folders data through your VPC and Google Drive or OneDrive data through the public Internet.
Q. Can I enable multiple persistent storage options for an Amazon AppStream 2.0 stack?
When creating an Amazon AppStream 2.0 stack, select the option to enable Google Drive for the stack, provide your G Suite domain names, and create the stack. To learn more, visit Enable and Administer Google Drive for Your AppStream 2.0 Users.
Q. How do I enable Google Drive for G Suite for Amazon AppStream 2.0?
Yes. Users can remove permissions that AppStream 2.0 has to their Google account from their Google account permissions page.
Q. Can a user remove their Google Drive for G Suite account?
Yes. Only user accounts with your G Suite organization's domain name can use their Google Drive account. Users cannot link any other accounts. To learn more, visit Enable and Administer Google Drive for Your Users.
Q. Can I control which Google Drive for G Suite accounts integrate with AppStream 2.0?
Any file type that is supported by Google Drive can be stored during the streaming session. For more details on the file types supported by Google Drive, refer to Google Drive FAQs.
Q. What kind of data can users store in Google Drive during a streaming session?
Yes. Users can transfer files to and from their device and Google Drive using the MyFiles feature in the streaming session toolbar. Visit Enable Persistent Storage for Your AppStream 2.0 Users to learn more.
Q. Can users transfer files from their device to Google Drive during their streaming session?
When creating an Amazon AppStream 2.0 stack, select the option to enable OneDrive for Business for the stack, provide your OneDrive for Business domain names, and create the stack. To learn more, visit Enable and Administer OneDrive for Your AppStream 2.0 Users.
Q. How do I enable Microsoft OneDrive for Business for Amazon AppStream 2.0?
Yes. Only user accounts with your OneDrive for Business domain names can use their accounts. Users cannot link any other accounts. To learn more, visit Enable and Administer OneDrive for Your AppStream 2.0 Users.
Q. Can I control which Microsoft OneDrive for Business accounts integrate with AppStream 2.0?
Yes. Users can remove permissions that AppStream 2.0 has to their OneDrive for Business online account.
Q. Can a user remove Microsoft OneDrive for Business?
Any file type that is supported by OneDrive for Business can be stored during the streaming session. For more details on the file types supported by OneDrive for Business, refer to OneDrive for Business documentation.
Q. What kind of data can users store in Microsoft OneDrive for Business during a streaming session?
Yes. Users can transfer files to and from their device and OneDrive for Business using the MyFiles feature in the streaming session toolbar. To learn more, visit Enable and Administer OneDrive for Your AppStream 2.0 Users.
Q. Can users transfer files from their device to Microsoft OneDrive for Business during their streaming session?
There are two ways you can monitor your Amazon AppStream 2.0 fleet. First, the AppStream 2.0 console provides a lightweight, real-time view of the state of your AppStream 2.0 fleet, and offers up to two weeks of historical usage data. Metrics are displayed automatically, and don’t require any setup.
Q: How do I monitor usage of my Amazon AppStream 2.0 fleet resources?
You can see the size of your Amazon AppStream 2.0 fleet, the number of running instances, the number of instances available to accept new connections, and the utilization of your fleet. You can track these metrics over time so that you can optimize your fleet settings to suit your needs.
Q: What information can I get from the Amazon AppStream 2.0 usage metrics?
Yes, you can create custom metrics for Amazon AppStream 2.0. For more information, see Publish Custom Metrics.
Q: Can I create custom Amazon CloudWatch metrics for Amazon AppStream 2.0?
Amazon AppStream 2.0 sends metrics to Amazon CloudWatch every 1 minute. The metrics are stored in CloudWatch using the standard retention policy. For more information, see Amazon CloudWatch FAQs.
Q: How frequently are Amazon AppStream 2.0 metrics published to Amazon CloudWatch?
You can create Amazon CloudWatch alarms for Amazon AppStream 2.0 using the CloudWatch console or the CloudWatch APIs.
Q: How do I create CloudWatch alarms for Amazon AppStream 2.0?
There is no additional charge for viewing CloudWatch metrics for AppStream 2.0. You may incur additional charges for setting up CloudWatch alarms and retrieving metrics via the CloudWatch APIs. For more information, see Amazon CloudWatch Pricing.
Q: Are there additional costs for using CloudWatch metrics with Amazon AppStream 2.0?
Yes, Amazon AppStream 2.0 includes APIs that you can use to easily integrate and extend the service. The APIs enable you to create, update, and delete Amazon AppStream 2.0 resources, and provide detailed information about resource states. You can create URLs for administrators to connect to their image builders to install applications, and create URLs for users to access their AppStream 2.0 applications. See our API reference for more information.
Q: Does Amazon AppStream 2.0 offer a set of public APIs?
While the remoting protocol has a maximum round-trip latency recommendation of 250 ms, the best user experience is achieved at less than 100 ms. If you are located more than 2000 miles from the AWS Regions where Amazon AppStream 2.0 is currently available, you can still use the service, but your experience may be less responsive.
Q: What is the maximum network latency recommended while accessing Amazon AppStream 2.0?
Security groups enable you to specify network traffic that is allowed between your streaming instances and resources in your VPC. You can restrict network access by assigning an image builder or fleet to the security groups in your VPC. For more information, refer to Security Group for Your VPC.
Q: How do I restrict network access from fleets and image builders launched in my VPC?
Yes. You can assign an image builder or fleet to existing security groups in your VPC.
Q: Can I use existing VPC security groups to secure AppStream 2.0 fleets and image builders?
You can assign an image builder or fleet to up to five security groups.
Q: How many security groups can I apply to a fleet or image builder?
Yes. You can change the security groups to which your fleets are assigned, so long as they are in the stopped status.
Q: Can I change the security groups to which my fleets are assigned after they have been created?
No. You cannot change the security groups to which your fleets are assigned after they have been created. To assign an image builder to different security groups, you will need to create a new image builder.
Q: Can I change the security groups to which my image builders are assigned after they have been created?
Files and folders in your users' home folders are encrypted in transit using Amazon S3's SSL endpoints. Files and folders are encrypted at rest using Amazon S3-managed encryption keys.
Q: How is the data stored in my user's home folders secured?
The streamed video and user inputs are sent over HTTPS and are SSL-encrypted between the Amazon AppStream 2.0 instance executing your applications, and your end users.
Q: How is the data from my streamed application encrypted to the client?
Yes. You can choose whether to allow users to transfer data between their streaming applications and their local device through copy or paste, file upload or download, or print actions. To learn more, visit Create Fleets and Stacks.
Q. Can I control data transfer between AppStream 2.0 and my users' devices?
There are three options to authenticate users with Amazon AppStream 2.0: you can use built-in user management, you can build a custom identity, or you can set up federated access using SAML 2.0.
Q: How do I authenticate users with Amazon AppStream 2.0 applications?
Yes. Amazon AppStream 2.0 supports identity federation using SAML 2.0, which allows you to use your existing user directory to manage end user access to your AppStream 2.0 apps. For details on setting up SAML integration, see the steps outlined here.
Q: Can I use Amazon AppStream 2.0 with my existing user directory, including Microsoft Active Directory?
Amazon AppStream 2.0 supports federation using SAML 2.0 (Identity Provider initiated). This type of federated access allows a user to sign in by first authenticating with an identity federation provider, after which they can access their AppStream 2.0 apps.
Q: What type of identity federation does Amazon AppStream 2.0 support?
To configure identity federation with Amazon AppStream 2.0, you need a SAML 2.0 Identity Provider that links to an existing LDAP-compatible directory, such as Microsoft Active Directory. Microsoft Active Directory Federation Services (ADFS), Ping Identity, Okta, and Shibboleth are all examples of SAML 2.0 Identity Providers that will work with AppStream 2.0.
Q: What are the requirements for setting up identity federation with Amazon AppStream 2.0?
Yes. When using built-in user management, you can control which users have access to your Amazon AppStream 2.0 stacks in the User Pool tab of the AppStream 2.0 management console. To learn more about user management within AppStream 2.0, see Using the AppStream 2.0 User Pool.
Q: Can I control which users access my Amazon AppStream 2.0?
Yes. You can enable Multi-Factor Authentication when using federation with SAML 2.0 or when using your own entitlement service.
Q: Can I enable multi-factor authentication for my users?
Yes. You can set up every Amazon AppStream 2.0 stack as an entity or a package in your federation service. This allows your users to select which stack they want to access while signing in from your application portal.
Q: Can users choose which Amazon AppStream 2.0 stack they want to access during signing-in?
You can use AWS Identity and Access Management (IAM) to add users to your AWS account and grant them access to view and manage your Amazon AppStream 2.0 application. For more information, see “What is IAM?” in the IAM User Guide.
Q: Who can access the management console for my Amazon AppStream 2.0 application?
Yes, Amazon AppStream 2.0 images can be joined to your Microsoft Active Directory domains. This allows you to apply your existing AD policies to your streaming instances, and provides your users with single sign on access to Intranet sites, file shares, and network printers from within their applications. Your users are authenticated using a SAML 2.0 provider of your choice, and can access applications that require a connection to your AD domain.
Q: Can I join Amazon AppStream 2.0 image builders to Microsoft Active Directory domains?
Microsoft Active Directory Domain Functional Level Windows Server 2008 R2 and newer are supported by Amazon AppStream 2.0.
Q: What Microsoft Active Directory versions are supported?
Amazon AppStream 2.0 supports AWS Directory Services Microsoft AD. Other options such as AD Connector and Simple AD are not supported. To learn more about AWS Microsoft AD, see What Is AWS Directory Service.
Q: Which AWS Directory Services directory options are supported by Amazon AppStream 2.0?
To get started you will need a Microsoft Active Directory domain that is accessible from an Amazon VPC, the credentials of a user with authority to join the domain, and the domain Organizational Unit (OU) you want to join to your fleet. For more information, see Using Active Directory Domains with AppStream 2.0.
Q: How do I join my Amazon AppStream 2.0 instances to my Microsoft Active Directory domain?
Yes, you can use your existing Organizational Unit (OU) structure with Amazon AppStream 2.0. To learn more, see Using Active Directory Domains with AppStream 2.0.
Q: Can I use my existing Organizational Unit (OU) structure with Amazon AppStream 2.0?
Amazon AppStream 2.0 will automatically create a unique computer object for every image builder and fleet instance you configure to be joined to your Microsoft Active Directory domain.
Q: What gets joined to my Microsoft Active Directory domain by Amazon AppStream 2.0?
Amazon AppStream 2.0 computer objects are only created in the Microsoft Active Directory Organizational Unit (OU) you specify. The description field indicates that the object is an AppStream 2.0 instance, and to which fleet the object belongs. To learn more, see Using Active Directory Domains with AppStream 2.0.
Q: How can I identify Amazon AppStream 2.0 computer objects in my Microsoft Active Directory domain?
Computer objects created by Amazon AppStream 2.0 that are no longer used will remain in your Active Directory (AD) if the AppStream 2.0 fleet or image builder is deleted, you update a fleet or image builder to a new OU, or select a different AD. To remove unused objects you will have to delete them manually from your AD domain. To learn more, see Using Active Directory Domains with AppStream 2.0.
Q: How are computer objects that are created by Amazon AppStream 2.0 deleted from my Microsoft Active Directory domain?
To enable user access, you will need to set up federated access using a SAML 2.0 provider of your choice. This allows you to use your existing user directory to control access to streaming applications available via Amazon AppStream 2.0. For details on setting up SAML 2.0 integration, see the steps outlined at Setting Up SAML.
Q: How do I provide users with access to Amazon AppStream 2.0 streaming instances that are joined to a Microsoft Active Directory domain?
No. At this time we do not support User Pools users connecting to domain-joined resources. To learn more about User Pools, see Using the AppStream 2.0 User Pool.
Q: Can I connect my users that are managed through User Pools to my Active Directory domain?
You are charged for the streaming resources in your Amazon AppStream 2.0 environment, and monthly user fees per unique authorized user accessing applications via Amazon AppStream 2.0. You pay for these on-demand, and never have to make any long-term commitments.
Q: How much does Amazon AppStream 2.0 cost?
Yes. If you have Microsoft License Mobility, you may be eligible to bring your own Microsoft RDS CAL licenses and use them with Amazon AppStream 2.0. For users covered with your own licenses, you won’t incur the monthly user fees. For more information about using your existing Microsoft RDS SAL licenses with Amazon AppStream 2.0, please visit this page, or consult with your Microsoft representative.
Q: Can I bring my own licenses and waive the user fees?
Schools, universities, and public institutions may qualify for reduced user fees. Please reference the Microsoft Licensing Terms and Documents for qualification requirements. If you think you may qualify, please contact us. We will review your information and work with you to reduce your Microsoft RDS SAL fee. There is no user fee incurred when using image builder instances.
Q: What are the requirements for schools, universities, and public institutions to reduce their user fee?
You will need to provide AWS your institution's full legal name, principal office address, and public website URL. AWS will use this information to qualify you for AppStream 2.0's reduced user fees for qualified educational institutions. Please note: The use of Microsoft software is subject to Microsoft’s terms. You are responsible for complying with Microsoft licensing. If you have questions about your licensing or rights to Microsoft software, please consult your legal team, Microsoft, or your Microsoft reseller. You agree that we may provide the information to Microsoft in order to apply educational pricing to your Amazon AppStream 2.0 usage.
Q: What do I need to provide to qualify as a school, university, or public institution?
No, your user fees are specific to Amazon AppStream 2.0, and do not affect any other AWS cloud services or licenses you have.
Q: Does qualification for Amazon AppStream 2.0's reduced RDS SAL user fees affect other AWS cloud services?
Yes. When you set tags to appear on your monthly Cost Allocation Report, your AWS monthly bill will also include those tags. You can then easily track costs according to your needs. To do this, first assign tags to your Amazon AppStream 2.0 resources by following the steps in Tagging Your AppStream 2.0 Resources. Next, select the tag keys to include in your cost allocation report by following the steps in Setting Up Your Monthly Cost Allocation Report.
Q: Can I use tags to obtain usage and cost details for Amazon AppStream 2.0 on my AWS monthly billing report?
There are no additional costs when using tags with Amazon AppStream 2.0.
Q: Are there any costs associated with tagging Amazon AppStream 2.0 resources?
Yes. Amazon AppStream 2.0 is included in the AWS System and Organizational Controls (SOC) reports. AWS System and Organization Controls Reports are independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the AWS controls established to support operations and compliance. You can learn more about the AWS Compliance programs by visiting AWS Compliance Programs or by visiting the Services in Scope by Compliance Program.
Q: Is Amazon AppStream 2.0 included in the System and Organizational Controls (SOC) reports?