The Challenge of Modernizing Legacy Workflows for AI
Organizations are racing to deploy AI agents to automate complex business workflows, but many hit a wall: their critical processes run on legacy desktop applications and mainframe systems that lack modern APIs. According to a 2024 Gartner report, 75% of organizations still rely on legacy applications without APIs, and 71% of Fortune 500 companies operate on mainframes with limited programmatic access. This forces enterprises to choose between delaying AI adoption or undertaking costly, risky modernization projects.
Amazon WorkSpaces Now Powers AI Agents on Existing Desktops
Today, Amazon Web Services (AWS) announces that Amazon WorkSpaces can now serve as a secure desktop environment for AI agents. The same managed virtual desktops already trusted by millions of employees can be assigned to AI agents, allowing them to safely operate desktop applications without any application modernization. This turns WorkSpaces into infrastructure for scaling enterprise productivity, not just delivering it. Because agents operate within your existing WorkSpaces environment, there are no APIs to build, no application migrations to plan, and no new infrastructure to manage.
Early adopters have already seen the benefits. Chris Noon, Director at Nuvens Consulting, shared: “WorkSpaces lets our clients give AI agents the same secure, governed desktop environment their employees already use — no custom API integrations, full audit trails, and enterprise-grade isolation out of the box. For regulated industries, that’s not a nice-to-have — it’s the baseline.”
Secure Cloud Desktop Access for AI Agents
With WorkSpaces, AI agents securely access and operate desktop applications inside managed environments to complete complex workflows. Key security features include:
- Authentication via AWS Identity and Access Management (IAM)
- Complete audit trails through AWS CloudTrail and Amazon CloudWatch
- Full isolation of agent activities from local machines, preserving existing security controls and compliance policies
Additionally, Amazon WorkSpaces supports the Model Context Protocol (MCP), an industry standard that ensures compatibility with any agent framework — including popular ones like LangChain, CrewAI, and Strands Agents. This flexibility means you can integrate AI agents seamlessly, regardless of your chosen framework.
Setting Up WorkSpaces for AI Agents
To demonstrate how easy it is, here's a quick walkthrough of the setup process. From the AWS Management Console, you start by creating a new WorkSpaces Applications stack — the environment definition that controls agent connectivity and permissions.
- In the Amazon WorkSpaces console, choose Create stack.
- Configure basics: name, fleet association, and VPC endpoints.
- In Step 3, notice the new AI agents section with two options:
- No AI agent access — default for human users.
- Add AI agents — enables AI agents to securely access and operate applications using their own identity and permissions.
- Select Add AI agents and complete the stack setup.
Once enabled, agents can immediately begin using their own WorkSpaces environment, fully governed by your existing policies.
Why This Matters for Enterprise AI
The ability to give AI agents a secure desktop without rewriting legacy applications removes a major barrier to automation. Enterprises no longer need to choose between risky migrations and stalled AI initiatives. Instead, they can deploy intelligent agents to interact with the very applications that run their business — all within a secure, auditable, and compliant framework. For regulated industries like finance, healthcare, and government, this capability is transformative.