Amazon WorkSpaces、AIエージェント専用デスクトップをプレビュー提供開始 Modernize your workflows: Amazon WorkSpaces now gives AI agents their own desktop (preview)

AWS has announced a preview of a new Amazon WorkSpaces capability that provisions dedicated virtual desktops for AI agents, allowing them to operate applications in their own isolated Windows environment and carry out business workflows autonomously.

Until now, so-called computer-use agents — AI systems that drive browsers and desktop applications via screen interaction — have typically run either on a human user's workstation or inside developer-built sandboxes. The new WorkSpaces feature instead assigns each agent a full-featured virtual desktop, separating it from human work environments while keeping the desktop under the same image, policy, and audit-log management that IT departments already use for employee endpoints. That design appears aimed at automating processes locked inside legacy line-of-business apps or SaaS user interfaces that lack APIs, without the need for dedicated integration work.

Technically, giving each agent its own desktop addresses several practical issues that have hampered enterprise rollouts of computer-use agents. Sharing a human user's session creates conflicts when the employee and the agent both need the screen, and ad-hoc sandboxes typically lack the corporate identity, network access, and software baseline required for real workflows. A managed WorkSpace, by contrast, can be joined to corporate directories, preloaded with the same applications and credentials policies as employee machines, and decommissioned cleanly after a task. AWS positions this as a way for IT to treat agents as a new class of managed user.

The announcement comes against a backdrop of rapid growth in screen-operating agent technology. Anthropic's Computer Use, OpenAI's Operator, and Microsoft's Copilot Studio computer-use actions have all pushed the idea that LLM-based agents can navigate arbitrary GUIs rather than relying solely on APIs. AWS itself already offers a browser tool and code execution sandbox through Amazon Bedrock AgentCore, and the new WorkSpaces capability may slot in as the heavier-weight option for full desktop automation, complementing rather than replacing those lighter runtimes.

For enterprises, dedicating a WorkSpace per agent could make it considerably easier to satisfy governance requirements. Credential handling, data exfiltration controls, and detailed activity logging can be applied through the same mechanisms used for human virtual desktops, and security teams gain a clear blast radius if an agent misbehaves: the affected machine can be quarantined or rebuilt without touching employee endpoints. Compliance-sensitive industries that have been reluctant to grant agents access to production systems may find this isolation model more palatable than running agents on shared infrastructure.

Several open questions remain. Licensing and pricing for agent-occupied desktops have not been fully detailed, and at scale the per-seat economics of WorkSpaces could compete with more lightweight container-based approaches. The scope of agent frameworks supported out of the box — whether limited to AWS's own Bedrock AgentCore and Strands tooling, or open to third-party frameworks such as LangChain, Anthropic's Computer Use, or browser-automation stacks — will likely shape adoption. There is also the matter of how this offering coexists with established RPA vendors such as UiPath and Automation Anywhere, which already sell desktop automation with governance features; AWS's pitch appears to be that generative agents bring more flexible reasoning to the same execution surface, but the boundary between the two categories is likely to blur.

Operationally, customers will need to think about runaway behavior. An agent with persistent desktop access and corporate credentials can perform damaging actions far faster than a human, so policies around approval gates, action logging, and reversible operations may become as important as the underlying model quality. The fact that every action takes place inside a recorded WorkSpace session should help with forensics, but does not by itself prevent mistakes.

For now, the feature is in preview, and AWS has yet to publish full details on regional availability, pricing tiers, and the exact set of supported agent runtimes. Enterprises evaluating computer-use agents for back-office automation, customer operations, or software testing may want to track these specifics closely as the service moves toward general availability.