Technical Documentation: Secure AWS Portal

Our secure portal allows only students who are enrolled in Expedition AI and IMPACT10 to access AI tools without needing to whitelist them school-wide.

Login Screen 1

3. Secure Browser Instantiation

Login Screen 2

4. Students Login to d’Skills Rebel Base

From there, students can access sites whitelisted for Expedition AI, including AI tools ChatGPT, Suno, etc.

We’ve got a default blocklist for things like streaming, gaming, and inappropriate content. Plus, we can load up Chrome Extensions if you want—things like Cisco Umbrella to keep things safe and focused.

Technical Documentation:

In this guide, we're going to talk about how we use the {region} variable to pinpoint the AWS (Amazon Web Services) datacenter location, which really depends on where your school is based. Right now, we've set {region} to “us-east-1”.

Make sure your setup allows Websocket connections and regular HTTPS traffic to these domains:

For connecting to a Workspaces Web Container, you'll need access to:

s3.{region}.amazonaws.com

s3.amazonaws.com

appstream2.{region}.aws.amazon.com

*.amazonappstream.com

*.shortbread.aws.dev

For loading up all the static goodies on the Workspaces Web site, these are your go-tos:

*.workspaces-web.com

di5ry4hb4263e.cloudfront.net

When it comes to signing in, these are essential:

*.auth.{region}.amazoncognito.com

cognito-identity.{region}.amazonaws.com

cognito-idp.{region}.amazonaws.com

*.cloudfront.net

As well as the student login portal:

https://594c5df0-ea2c-4cc3-a891-73f0a63e3f1e.workspaces-web.com/

That’s pretty much all you need to let the students dive into the app.

Here’s a quick rundown on how our backend ticks:

  • We use AWS Workspaces Web to spin up temporary containerized browser instances which are streamed to users through our main web app. Each session is a separate virtual Linux machine running Chrome.

  • Sessions stay open until an hour after you close it or if it's inactive for 4 hours. When you end a session, we wipe the virtual machine clean—no data sticks around. We respect privacy big time, so no logs unless you say so, but we can track usage if you need it. Access is tight—only students who are registered can get in through our SSO on the AWS Workspaces Web Portal. Our IDP is Auth0.

Here’s how students will get started:

  • Hit up the Workspaces Web Portal through the link we provide.

  • Sign in time! They’ll be sent to our Auth0 IDP to log in with their school email and password, then back to the portal.

  • They'll get their Linux browser set up and then jump right into their session.

Workspaces Web: Heads Up:

Workspaces Web isn’t your usual VDI (Virtual Desktop Infrastructure). It doesn’t virtualize a full desktop OS; it just hooks you up with a Chrome browser. You can save files temporarily, but they’ll be gone once you log off. Keeps everything neat and focused on what you're there to do.

We’ve got some extra tricks up our sleeve for schools too. On request, we can set up Chrome just like on other school devices, blocking or allowing certain URLs so students stay on track. We’ve got a default blocklist for things like streaming, gaming, and inappropriate content. Plus, we can load up Chrome Extensions if you want—things like Cisco Umbrella to keep things safe and focused.

That’s about it! Let us know if you need anything else or have specific requests. We’re here to help make things smooth for you and your students.

Reach out to Tim Jones at techsupport@dskills.io with any questions!