Exploring the AWS “Configuring user creation workflows with AWS Step Functions and AWS Managed Microsoft AD logs” post

AWS have released a blog post for automated provisioning of users into Workspaces and Connect when you make a user in a Managed AD.

Just to explore this a bit more.. the post is found here: https://aws.amazon.com/blogs/compute/configuring-user-creation-workflows-with-aws-step-functions-and-aws-managed-microsoft-ad-logs/

This is great conceptually but from my perspective, it’d need way more work to be realistic in its implementation. I know, its easy to be an arm chair critic so I apologise for that. I’m not trying to bang a drum for the sake of being a dick.. Rather I’m offering a quick review to give some more ideas into this inspiring blog post 🙂

As I see it the following would need to happen to make this solution great:

  1. An approval gate would be required; as not every user may need a WorkSpace
  2. Integration into ServerNow instead perhaps and the work flow for provisioning a WorkSpace from the ServiceNow connector as blogged about here: https://dunlop.geek.nz/enable-self-service-aws-workspaces-with-servicenow-aws-service-catalog-connector/
  3. CloudFormation templates to stand this stuff up; or a quickstart 😉
  4. IAM User being the trigger source instead perhaps?
  5. Date I say it; Integration into AzureAD?