/terraform-aws-workspaces

Primary LanguageHCLOtherNOASSERTION

Providers

Name Version
aws >= 5.31.0

Inputs

Name Description Type Default Required
ad_name The fully qualified name for the directory, such as corp.example.com string "corp.example.com" no
ad_password The password for the directory administrator or connector user. string "xyzsf58f5fqar" no
ad_size The size of the directory (Small or Large are accepted values). string "Small" no
alias The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values). string "" no
change_compute_type Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. bool true no
connect_settings (Required for ADConnector) Connector related information about the directory. Fields documented below. map(string) {} no
custom_policy Custom policy ARN string "" no
description A textual description for the directory. string "Default Active Directory" no
device_type_android Indicates whether users can use Android devices to access their WorkSpaces. string "ALLOW" no
device_type_chromeos Indicates whether users can use Chromebooks to access their WorkSpaces. string "ALLOW" no
device_type_ios Indicates whether users can use iOS devices to access their WorkSpaces. string "ALLOW" no
device_type_linux Indicates whether users can use Linux devices to access their WorkSpaces. string "ALLOW" no
device_type_osx Indicates whether users can use macOS clients to access their WorkSpaces. string "ALLOW" no
device_type_web Indicates whether users can access their WorkSpaces through a web browser. string "ALLOW" no
device_type_windows Indicates whether users can use Windows clients to access their WorkSpaces. string "ALLOW" no
device_type_zeroclient Indicates whether users can use zero client devices to access their WorkSpaces. string "ALLOW" no
edition The MicrosoftAD edition (Standard or Enterprise). string "Standard" no
enable_internet_access (optional) Whether workspace virtual desktops should have internet access. Note that a VPC internet gateway is not required. bool true no
enable_maintenance_mode Indicates whether maintenance mode is enabled for your WorkSpaces. bool true no
enable_sso Whether to enable single-sign on for the directory. Requires alias. bool false no
enable_workspace Flag to control the module creation. bool false no
increase_volume_size Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. bool true no
ip_whitelist List of IP's to for whitelist list(string) 
[
  "103.59.207.249/32"
]
 no
name Name (e.g. app or cluster). string "" no
rebuild_workspace Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. bool true no
restart_workspace Whether WorkSpaces directory users can restart their workspace. bool true no
security_group_id (optional) If a security group should not be created, the security group id to use. Requires that create_security_group be set to false string null no
short_name The short name of the directory, such as CORP. string "CORP" no
subnet_ids VPC Subnet IDs to create workspaces in list(string) n/a yes
switch_running_mode Whether WorkSpaces directory users can switch the running mode of their workspace. bool true no
type The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values). string "SimpleAD" no
user_enabled_as_local_administrator Indicates whether users are local administrators of their WorkSpaces. bool true no
vpc_settings (Required for SimpleAD and MicrosoftAD) VPC related information about the directory. Fields documented below. map(string) {} no
workspaces Map of workspace configurations 
map(object({
    bundle_id                                 = string
    user_name                                 = string
    root_volume_encryption_enabled            = optional(bool, false)
    user_volume_encryption_enabled            = optional(bool, false)
    volume_encryption_key                     = optional(string, null)
    compute_type_name                         = optional(string, "VALUE")
    user_volume_size_gib                      = optional(number, 10)
    root_volume_size_gib                      = optional(number, 80)
    running_mode                              = optional(string, "AUTO_STOP")
    running_mode_auto_stop_timeout_in_minutes = optional(number, 60)
  }))
 {} no

Resources

Name Type
aws_directory_service_directory.main resource
aws_iam_role.workspaces_default resource
aws_iam_role_policy_attachment.workspaces_custom_s3_access resource
aws_iam_role_policy_attachment.workspaces_default_self_service_access resource
aws_iam_role_policy_attachment.workspaces_default_service_access resource
aws_workspaces_directory.main resource
aws_workspaces_ip_group.ipgroup resource
aws_workspaces_workspace.workspace_ad resource
aws_iam_policy_document.workspaces data source
aws_region.current data source
aws_workspaces_bundle.bundle data source

Outputs

Name Description
ad_id outputs of aws workspaces directory id

🚀 Built by opsZero!

Since 2016 opsZero has been providing Kubernetes expertise to companies of all sizes on any Cloud. With a focus on AI and Compliance we can say we seen it all whether SOC2, HIPAA, PCI-DSS, ITAR, FedRAMP, CMMC we have you and your customers covered.

We provide support to organizations in the following ways:

We do this with a high-touch support model where you:

  • Get access to us on Slack, Microsoft Teams or Email
  • Get 24/7 coverage of your infrastructure
  • Get an accelerated migration to Kubernetes

Please schedule a call if you need support.