Categories
Amazon Web Services

Custom CA Certificates in AWS WorkSpaces

I use an AWS WorkSpace for a Windows remote desktop, connecting to some systems that have a custom CA. As the WorkSpace is managed by a domain, simply installing the CA certificates as usual doesn’t work. After much frustration, I figured out the right steps to manually add a CA cert.

  1. Install Group Policy Management Console by opening an Admin PowerShell and running: Install-WindowsFeature -Name GPMC
  2. Run GPMC: gpmc.msc
    • Set up a Group Policy Object, following "Install the Group Policy Administrative Template"
    • Open the new WorkSpaces Machine Policies
    • Go to Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Public Key Policies -> Trusted Root Certification Authorities
    • Right click, select Import…
    • Follow wizard prompts
    • Log out then back in
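
Added example, not part of the original post: a PowerShell check of the CA certificate before it goes into the GPO, and (with -AfterImport) a check after logging back in that the root arrived through Group Policy. The file path and the -AfterImport switch are assumptions for illustration; the Policies registry key is where Windows keeps roots distributed by Group Policy.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell.
# -CaPath is a hypothetical location for the exported CA certificate file.
param(
    [string]$CaPath = 'C:\Temp\custom-ca.cer',
    [switch]$AfterImport   # set once the GPO import and re-logon are done
)

$ca = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($CaPath)
$thumb = $ca.Thumbprint

# Print the identity so the thumbprint can be compared with the value
# published by whoever operates the CA before it is trusted machine-wide.
$ca | Format-List Subject, Issuer, NotBefore, NotAfter, Thumbprint

# Pre-import sanity checks for a certificate about to become a trusted root.
$bc = $ca.Extensions | Where-Object {
    $_ -is [System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension]
}
$now = Get-Date
$checks = [ordered]@{
    'Subject matches issuer (self-signed root)' = ($ca.SubjectName.Name -eq $ca.IssuerName.Name)
    'Basic Constraints marks it as a CA'        = [bool]($bc -and $bc.CertificateAuthority)
    'Currently within validity period'          = ($now -ge $ca.NotBefore -and $now -le $ca.NotAfter)
}

if ($AfterImport) {
    # The logical machine Root store includes roots delivered by policy.
    $checks['Present in LocalMachine\Root'] = Test-Path "Cert:\LocalMachine\Root\$thumb"
    # Roots pushed by Group Policy are stored under the Policies key, which
    # distinguishes them from roots installed by hand on the machine.
    $policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\Certificates'
    $checks['Delivered by Group Policy'] = Test-Path "$policyKey\$thumb"
}

# Report each check and count failures.
$failed = 0
foreach ($name in $checks.Keys) {
    $ok = [bool]$checks[$name]
    if (-not $ok) { $failed++ }
    '{0,-45} {1}' -f $name, $(if ($ok) { 'OK' } else { 'FAIL' })
}
if ($failed) { Write-Warning "$failed check(s) failed for $CaPath" }
```
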
Categories
Amazon Web Services EC2 SysAdmin

Instance Store HVM AMIs on EC2

Over at the SmugMug Sorcery blog I wrote a new post about creating instance store HVM AMIs: http://sorcery.smugmug.com/2014/01/29/instance-store-hvm-amis-for-amazon-ec2/.

Categories
Amazon Web Services EC2 SysAdmin

Allowing Ping to EC2 Instances

Ping is not enabled to EC2 instances by default. A lot of guides tell you to simply allow all ICMP traffic through in the security group configuration. That is overkill. Simply add the following two rules to your security group and pinging the instance will work:

Custom ICMP rule -> Type: Echo Request
Custom ICMP rule -> Type: Echo Reply

While opening up additional ICMP types may be harmless, I always like to err on the side of only allowing what I explicitly want rather than allowing everything.