My colleague Gene Farrell introduced you to Amazon AppStream 2.0 late last year. In his guest post, Gene explained how AppStream 2.0 lets you run desktop applications securely on any device, from within the comfort of an HTML5 web browser (read the entire post to learn more). For example, I used the AppStream 2.0 Try it Now page to launch and then immediately start using Siemens Solid Edge. I simply chose the desired application from the Try it Now page:
I was running Solid Edge a few seconds later, no installation or setup needed:
By Popular Request – New Features for Enterprises, SMBs, and ISVs
Since that re:Invent launch, we have been fine-tuning AppStream 2.0, adding in some features that our customers have been asking for. These features will allow our customers to more easily deploy, access, manage and track the applications that they make available for use through AppStream. We’ve rolled most of these out without individual blog posts, and today I’d like to let you know what we’ve been up to. Here are the newest features:
Fleet Auto Scaling – This brand-new feature allows you to use the CloudWatch metrics to scale your fleet up and down in response to changes in demand. This allows you to deliver applications as economically as possible, while still providing instant access.
Image Builder – You can build your own AppStream 2.0 images that contain your choice of applications.
SAML 2.0 Authentication – You can use your existing SAML 2.0 compliant directory with AppStream 2.0. Your users can use their existing credentials to log in.
Fleet Management – You have additional management options for the instances that run your applications.
CloudWatch Metrics – You can observe and monitor seven Amazon CloudWatch metrics, including the size and overall utilization of your fleets.
Let’s take a look at each one!
Fleet Auto Scaling
This feature is brand new, and is powered by the new CloudWatch metrics! You can now associate scaling policies with each of your fleets and use them to meet varying levels of user demand and to control costs. If you are using AppStream 2.0 to deliver productivity applications to your users, you can use the scaling policies to ensure that capacity comes online as needed during office hours, and goes away in the evening when your users are done for the day. Here is a fleet with scale out (add capacity) and scale in (remove capacity) policies:
In order to take advantage of this feature, you set the minimum and maximum capacity when you create the fleet:
This will create the default policies, which you can later edit, add, or remove (you can have up to 50 policies per fleet). To learn more, read about AppStream Fleet Auto Scaling.
This feature allows you to create custom images that contain your choice of commercial or proprietary applications. In order to do this, you launch an instance called an image builder. Then you log in to the instance, install and configure the applications as desired, and capture the state of the instance as an image. The entire login and customization process takes place within your web browser; you don’t have to download any keys or remember any passwords. The application appears in the Image Registry and is available to your users.
I can launch an image builder from the AppStream 2.0 Console:
Next, I choose the starting point (an existing image):
Then I configure the builder by giving it a name, choosing an instance size, and setting up the VPC:
I click on Review, confirm my settings, and then wait for the builder to launch:
Then I can connect to the image builder, set up the apps, and create an image. I have my choice of two identities when I connect, Admin and Test:
I select ImageBuildAdmin and (when prompted for a password), click on Log me in in the Admin Commands menu:
After logging in, I launch the Image Assistant app and use it to install and test my apps:
To learn more, read about Image Builders and follow the Using an AppStream 2.0 Image Builder Tutorial.
SAML 2.0 Authentication
This feature allows you to use any external identity provider that supports SAML 2.0 including Active Directory Federation Services, PingFederate Server, Okta, or Shibboleth:
After you follow the directions in Setting Up SAML, your users can log in to AppStream 2.0 using their existing identity and credentials. You can manage users and groups, control access to applications based on the identity or location of the user, and use Multi-Factor Authentication (MFA). To learn more, read Enabling Single Sign-on Access to AppStream 2.0 Using SAML 2.0. If you have already set up federated access to the AWS Management Console, much of what you already know will apply.
This feature gives me additional control over my fleets (groups of instances that are running applications for users). I can see all of my fleets on a single screen:
I can select a fleet and then act on it:
Some properties of a fleet can be edited at any time. Others, including the VPC properties, can only be edited after the fleet has been stopped. To learn more, read about Stacks and Fleets.
AppStream publishes eight metrics to CloudWatch for each fleet:
- RunningCapacity – Number of instances running.
- InUseCapacity – Number of instances in use.
- DesiredCapacity – Number of instances that are either running or pending.
- AvailableCapacity – Number of idle instances available for use.
- PendingCapacity – Number of instances being provisioned.
- CapacityUtilization – Percentage of fleet being used.
- InsufficientCapacityError – Number of sessions rejected due to lack of capacity.
You can see these metrics from within the AppStream 2.0 Console:
These metrics will help you to measure overall usage to to fine tune the size of your fleet. As is the case with every CloudWatch metric, you can generate alerts and raise alarms when a metric is outside of the desired range. You could also use AWS Lambda functions to make changes to your environment or to generate specialized notifications. To learn more, read about Monitoring Amazon AppStream 2.0 Resources.
All of these features are available now and you can start using them today!
Leave a comment!