WorkSpaces Manager deploys a Security Group for the EC2 instance in which it configures the requirements for inbound connections.

By default, the EC2 instance is reached through TCP/80 (HTTP) and TCP/3389 (RDP). Both ports are exclusively accessible from the internal segments defined during the deployment of the CloudFormation Template.

Outbound connections: WSM must have access to AWS APIs (all published on TCP/443 HTTPS) and service (TCP/443). In addition, it also requires access to an existing Active Directory (TCP/389 for LDAP or TCP/636 for LDAPS) to handle AD information. As an option, it may need access to an SMTP Relay (25, 587 or 2587, depending on the provider) or to external RestAPIs if there are custom integrations.

For WSUS, WSM uses default ports 8530 or 8531.


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Post Comment