AWS recommends using Workspace client to connect to workspace instances. But perhaps your corporate IT will not install workspace client for typical reasons. If you want to connect with RDP, you can and here is how.
Assuming you already have workspace launched. First go to the workspace instance and find out its private IP address. In this example, the private IP is 172.31.21.207
If you do not have a private connection to the VPC, you will need an EIP attached and mapped to this private IP. Go to EC2 console > EIP and create one. Next, go to EC2 console > Network interfaces. Find the ENI ID.
Go back to your EIP and map it to the above ENI.
Next, go to EC2 console > Security Groups. Find the SG with the name suffix
_workspacesMembers. Add a rule and allow TCP 3389 from your IP.
At this point, you can connect to your workspace instance using RDP. Put the EIP as the remote host IP. Log in with domain credential. In my lab, users are on SimpleAD.