[–] curomo 0 points 0 points (+0|-0) ago 

Why do you want the workspace on the domain? It will affect how complex your solution needs to be.

If it's just user auth, then you can bridge your IAM auth to your domain. If you're doing advanced desktop management, you might find that it's easier to just manage the image and treat it as inmutable.

If you really need to be properly domain joined, I think you can give the workspace and address in your vpc where you have a domain controller.

And of course if you weren't talking about ad and just need a dns domain, you'll just do it all in route53

[–] obvious-throwaway- [S] 0 points 0 points (+0|-0) ago 

AWS sets up two Linux domain controllers for the workspaces. I'm using these domain controllers as my sole domain controllers. Amazon manages these controllers, so it's like having 2 completely managed domain controllers.

I want to use these managed domain controllers to manage my whole network, I just need help with getting the DNS to forward through when it can't resolve locally.