Encryption in Transit - Amazon WorkSpaces Applications

Encryption in Transit

The following table provides information about how data is encrypted in transit. Where applicable, other data protection methods for WorkSpaces Applications are also listed.

Data Network path How protected

Web assets

This traffic includes assets such as images and JavaScript files.

Between WorkSpaces Applications users and WorkSpaces Applications

 Encrypted using TLS 1.2
Pixel and related streaming traffic Between WorkSpaces Applications users and WorkSpaces Applications

Encrypted using 256-bit Advanced Encryption Standard (AES-256)

Transported using TLS 1.2
API traffic Between WorkSpaces Applications users and WorkSpaces Applications

Encrypted using TLS 1.2

Requests to create a connection are signed using SigV4

Application settings and home folder data generated by users

Applicable when application settings persistence and home folders are enabled.

 Between WorkSpaces Applications users and Amazon S3 Encrypted using Amazon S3 SSL endpoints
WorkSpaces Applications-managed traffic

Between WorkSpaces Applications streaming instances and:

  • WorkSpaces Applications management services

  • AWS services and resources in your Amazon Web Services account

  • Non-AWS services and resources (such as Google Drive and Microsoft OneDrive)

Encrypted using TLS 1.2

Requests to create a connection are signed using SigV4 where applicable