What should be done to manage the host with the LEAST amount of administrative effort?

Explanations:

While running the host in an Elastic Beanstalk environment with a custom AMI is possible, Elastic Beanstalk is designed primarily for web applications rather than managing Windows Server hosts for RDP access. Additionally, the configuration may introduce unnecessary complexity for a server meant for direct access and troubleshooting. Using AWS Systems Manager Patch Manager is good for updates, but the overall solution is not the least administrative effort.

Running the host on AWS WorkSpaces could provide a managed desktop environment, but it adds complexity in terms of user access and maintenance. While you can configure automatic updates, WorkSpaces are not designed for RDP access to troubleshoot other hosts, which deviates from the requirement of maintaining a server for administrative purposes.

Running the host in an Auto Scaling group with a minimum and maximum instance count of 1 ensures high availability and automated scaling. Using a hardened machine image from AWS Marketplace can simplify the setup process. Additionally, applying system updates through AWS Systems Manager Patch Manager allows for efficient management with minimal manual intervention, aligning well with the requirement for minimal administrative effort.

Using AWS OpsWorks Stacks and Chef recipes adds complexity and requires additional management of Chef scripts and infrastructure. While it could potentially automate the hardening and update processes, it introduces more administrative overhead than necessary for simply managing a Windows Server host for RDP access. The use of AWS Lambda for updates adds another layer of complexity.