This policy will assign a specific user access to a specific bucket in s3 { “Version”: “2012-10-17”, “Statement”: [ { “Effect”: “Allow”, “Action”: [ “s3:GetBucketLocation”, “s3:ListAllMyBuckets” ], “Resource”: “arn:aws:s3:::*” }, { “Effect”: “Allow”, “Action”: “s3:*”, “Resource”: [ “arn:aws:s3:::mybucketname”, “arn:aws:s3:::mybucketname/*” ] } ] }
AWS AppStream 2.0 Whats New for June 2018? AWS have updated AppStream 2.0 to introduce some fantastic new features in the May & June 2018 releases. Google Drive support has been added (selectable at fleet creation). It only supports G-suite enterprise and must be enabled in G-Suite to function, but it also has support for […]
Situation Recently a customer received the following message ‘this OS/platform is not authorized to access your Workspace’ when connecting to newly built AWS Workspace instance whilst attempting to connect via ‘Web Access’ https://clients.amazonworkspaces.com/ In more recent WorkSpace Updates (Jan 2019) if you dont explicitly have Web Access enabled you will receive a ERR_CM_REQUEST_FAILED message This OS/platform […]
Problem This month on creation of a new image builder in AWS AppStream we noticed that the AWS AppStream 2.0 Image Builder X Drive was not being created. The X drive is the temporary drive for uploading and downloading files to and from the AppStream instance, and usually where we house deployment scripts, build scripts, […]
Scenario AWS AppStream 2.0 generates a SHA-256 hash of the users NameID for their Home Drive – when using SAML (aka Federated) authentication. This can potentially make it difficult to find the users home share if browsing from AWS S3 or for support teams when supporting users or uploading documents to the users ‘home drive’. […]
Situation When attempting to call AWS CLI commands we were receiving a CERTIFICATE_VERIFY_FAILED error message. We were using a proxy service. In this specific instance we were connecting to AWS IAM via zScaler Internet Access (ZIA) Example we were running a simple aws iam get-role –role-name vmimport Workaround include–no-verify–ssl to by pass the ssl verification […]
Step Description Screenshot 1 Expand >NetScaler Gateway > Policies > Preauthentication 2 Click Add 3 Name the policy something like PreAuthPol_Notepad-is-running Click the + next to Request Action Note: you can call it whatever you want, I like to keep a standard format when creating policies and profiles so they are distinguishable in the various […]
In this section we are going to deploy the downloaded NetScaler firmware onto our hypervisor (VMWare). Step Description Screenshot Connect and authenticate to your VMWare ESX web console Note: In this example we are connecting to VMWare ESXi 6.0 with a private IP of 192.168.1.1. The default URL is http://192.168.1.1/ui Click Virtual Machines Click Create […]
Step Description Screenshot 1 Expand >NetScaler Gateway > Global Settings > Change Global Settings 2 Click Security tab Change Default Authorization Action to DENY Note: This change will affect all Gateways configured on the NetScaler that do not specifically reverse. 3 Expand NetScaler Gateway > Policies > Authorization Policies Click Add 4 Create a new […]
In this guide we will connect the Citrix NetScaler to our Citrix XA/XD Environment for ICA proxy (Citrix Sessions without VPN). Here you will see how quickly you can set up, secure and enable remote access to your Citrix environment via the NetScaler Gateway. NOTE: you must have an active Citrix XenApp/XenDesktop server and a […]