How to Manage Updates at Scale in Amazon WorkSpaces

BY:

There are automatic maintenance windows for AlwaysOn and AutoStop users, as well as a hands-on method

Key Takeaways:

  • WorkSpaces offers secure, reliable, and scalable access to persistent desktops, and requires maintenance to both avoid and address any security and performance issues
  • Automatic maintenance windows exist for both AlwaysOn and AutoStop users
  • For those who want more control over when maintenance and updates are installed, they can be done manually
  • AlwaysOn maintenance happens on Sundays between 00h00 and 04h00 in the time zone of the AWS Region for the WorkSpace
  • AutoStop maintenance is the third Monday of each month from 00h00 to 05h00 in the time zone of the AWS Region for the WorkSpace
  • Time zone redirection can be enabled or disabled: if you connect from another region and you have enabled time zone redirection, the time zone of the WorkSpace is then updated to the time zone of the region you connected from

Remote workforces globally are empowered with application and desktop access through Amazon WorkSpaces. While WorkSpaces offer secure, reliable, and scalable access to persistent desktops, they also require maintenance and updates to both avoid and address any security and performance issues. 

There are different running modes for WorkSpaces: AlwaysOn, for users who use their WorkSpace full-time as a primary desktop, and AutoStop, which means your WorkSpaces stop after they have been disconnected for a pre-specified period of time. 

WorkSpaces should be maintained on a regular basis, and default maintenance windows are scheduled so this can easily happen at scale. Updates from Amazon WorkSpaces are installed as well as operating system updates if available on the OS update server the WorkSpace is configured to use. It’s important to keep in mind that rebooting may take place after updates and that during maintenance, your WorkSpaces might not be available. You also can manually maintain your WorkSpaces if that is what you prefer. This blog will cover maintenance windows for AlwaysOn Workspaces and AutoStop WorkSpaces, as well as how to do manual maintenance.

AlwaysOn WorkSpaces maintenance windows

The maintenance window for AlwaysOn WorkSpaces is determined by the operating system settings. 

  • The default is every Sunday morning from 00h00 to 04h00.
  • The time zone of an AlwaysOn Workspace is by default the time zone of the AWS Region for the  WorkSpace. Please note that if you connect from another region and you have enabled time zone redirection, the time zone of the WorkSpace is then updated to the time zone of the region you connected from. 
  • Time zone redirection can be disabled for Windows WorkSpaces using Group Policy and for Linux Workspaces by using the PCoIP Agent conf file.
  • You can configure the maintenance window for Windows WorkSpaces by configuring your Group Policy Settings for Automatic Updates. (You are unable to configure the maintenance window for Linux WorkSpaces.) 

AutoStop WorkSpaces maintenance windows

Once a month, AutoStop WorkSpaces are started automatically so that important updates can be installed. Beginning on the third Monday of the month for up to two weeks, the maintenance window is open from about 00h00 to 05h00 in the time zone of the AWS Region for the WorkSpace. Maintenance can be done on any one day in the window. The WorkSpace is set to MAINTENANCE when it is undergoing the process.

You cannot modify the time zone used for AutoStop WorkSpaces maintenance, but you can disable the maintenance window. By disabling maintenance mode, your WorkSpaces are not rebooted and do not enter the MAINTENANCE state. Follow the instructions below to disable maintenance mode. 

1. Open your WorkSpaces console: https://console.aws.amazon.com/workspaces/.
2. Select Directories in the navigation pane.
3. Choose your directory and then select Actions, Update Details.
4. Select Maintenance Mode and expand.
5. Enable automatic updates by choosing Enabled. If manual updates are your preference, choose Disabled.
6. Choose Update and Exit

Performing manual WorkSpaces maintenance

It is recommended that you perform maintenance tasks that you change the state of the WorkSpace to ADMIN_MAINTENANCE. When maintenance is complete, you’ll then change the state of the workspace to AVAILABLE.

ADMIN_MAINTENANCE mode enables the following behaviors:

  • The WorkSpace will not respond to requests to reboot, stop, start, or rebuild.
  • Users are unable to log into the WorkSpace.
  • An AutoStop Workspace is not hibernated.

You can change the state of the WorkSpace by using the console or the AWS Command Line Interface (CLI).

Change the state of the WorkSpace by using the console

Please note: Changing the state of a WorkSpace requires that it has a status of AVAILABLE. Also note that the Modify Status setting is unavailable when a WorkSpace has a status of STOPPED

1. Open the WorkSpaces console at https://console.aws.amazon.com/workspaces/
2. Choose WorkSpaces in the navigation pane.
3. Select your WorkSpace, then choose Actions, Modify WorkSpace.
4. Choose Modify State. For Intended State, select ADMIN_MAINTENANCE or AVAILABLE.
5. Select Modify.

Change the state of the WorkSpace using the AWS CLI

Use the modify-workspace-state command.

Amazon WorkSpaces makes all the details of administrating a fleet of desktops easier to deal with, and maintaining WorkSpaces is easy, too, with automatic scheduling windows for both AlwaysOn and AutoStop users. Those who want more control over when it occurs have options, too, by turning off and on time zone redirection or performing manual maintenance.            

Have Questions About WorkSpaces Maintenance? We Have Answers

We’re a cloud solutions consulting and managed service provider with expertise in all things Amazon Web Services. CloudHesive can even help you build, implement, and manage your end-user computing strategy with our robust Amazon Managed Services. We have eight AWS Competencies, more than 50 AWS Certifications, membership in nine Partner Programs, and the experience and knowledge to help your business realize all of the benefits of AWS cloud.

We’ve helped more than 100 companies reduce their operating costs and increase productivity with our focus on security, reliability, availability, and scalability. With over 30 years of experience, we leverage cloud-based technology to its full potential. Contact the CloudHesive team today.

Related Blogs

  • Exploring the Role of Amazon Web Services (AWS) Tools for DevOps Implementation in Cloud Projects

    Integrating DevOps best practices into cloud projects presents a few inherent challenges. With the help of AWS Tools for DevOps, processes can be streamlined for better cloud project management....

    Learn More
  • Optimizing Cloud Operations and Cost with DevOps Planning

    DevOps planning tips and tricks can help your organization balance operational efficiency and cost management. Even though implementing DevOps planning comes with many well-known benefits within the...

    Learn More
  • Key DevOps Trends: How They Shape the Future of Cloud Computing

    Staying on top of the rapidly evolving world of DevOps is challenging. Using prevalent DevOps trends can significantly impact project success in the evolution of cloud computing.  Considering the...

    Learn More
Back To Blogs