https://github.com/opszero/terraform-aws-workspaces

https://github.com/opszero/terraform-aws-workspaces

Last synced: 4 days ago
JSON representation

• Host: GitHub
• URL: https://github.com/opszero/terraform-aws-workspaces
• Owner: opszero
• License: other
• Created: 2024-05-23T04:46:29.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2025-11-07T04:58:31.000Z (3 months ago)
• Last Synced: 2025-11-07T06:18:46.394Z (3 months ago)
• Language: HCL
• Size: 58.6 KB
• Stars: 0
• Watchers: 2
• Forks: 0
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE
  • Support: SUPPORT

Awesome Lists containing this project

README

          


## Providers

| Name | Version |

|------|---------|

|  [aws](#provider\_aws) | >= 5.31.0 |

## Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [ad\_name](#input\_ad\_name) | The fully qualified name for the directory, such as corp.example.com | `string` | `"corp.example.com"` | no |

|  [ad\_password](#input\_ad\_password) | The password for the directory administrator or connector user. | `string` | `"xyzsf58f5fqar"` | no |

|  [ad\_size](#input\_ad\_size) | The size of the directory (Small or Large are accepted values). | `string` | `"Small"` | no |

|  [alias](#input\_alias) | The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values). | `string` | `""` | no |

|  [change\_compute\_type](#input\_change\_compute\_type) | Whether WorkSpaces directory users can change the compute type (bundle) for their workspace. | `bool` | `true` | no |

|  [connect\_settings](#input\_connect\_settings) | (Required for ADConnector) Connector related information about the directory. Fields documented below. | `map(string)` | `{}` | no |

|  [custom\_policy](#input\_custom\_policy) | Custom policy ARN | `string` | `""` | no |

|  [description](#input\_description) | A textual description for the directory. | `string` | `"Default Active Directory"` | no |

|  [device\_type\_android](#input\_device\_type\_android) | Indicates whether users can use Android devices to access their WorkSpaces. | `string` | `"ALLOW"` | no |

|  [device\_type\_chromeos](#input\_device\_type\_chromeos) | Indicates whether users can use Chromebooks to access their WorkSpaces. | `string` | `"ALLOW"` | no |

|  [device\_type\_ios](#input\_device\_type\_ios) | Indicates whether users can use iOS devices to access their WorkSpaces. | `string` | `"ALLOW"` | no |

|  [device\_type\_linux](#input\_device\_type\_linux) | Indicates whether users can use Linux devices to access their WorkSpaces. | `string` | `"ALLOW"` | no |

|  [device\_type\_osx](#input\_device\_type\_osx) | Indicates whether users can use macOS clients to access their WorkSpaces. | `string` | `"ALLOW"` | no |

|  [device\_type\_web](#input\_device\_type\_web) | Indicates whether users can access their WorkSpaces through a web browser. | `string` | `"ALLOW"` | no |

|  [device\_type\_windows](#input\_device\_type\_windows) | Indicates whether users can use Windows clients to access their WorkSpaces. | `string` | `"ALLOW"` | no |

|  [device\_type\_zeroclient](#input\_device\_type\_zeroclient) | Indicates whether users can use zero client devices to access their WorkSpaces. | `string` | `"ALLOW"` | no |

|  [edition](#input\_edition) | The MicrosoftAD edition (Standard or Enterprise). | `string` | `"Standard"` | no |

|  [enable\_internet\_access](#input\_enable\_internet\_access) | (optional) Whether workspace virtual desktops should have internet access. Note that a VPC internet gateway is not required. | `bool` | `true` | no |

|  [enable\_maintenance\_mode](#input\_enable\_maintenance\_mode) | Indicates whether maintenance mode is enabled for your WorkSpaces. | `bool` | `true` | no |

|  [enable\_sso](#input\_enable\_sso) | Whether to enable single-sign on for the directory. Requires alias. | `bool` | `false` | no |

|  [enable\_workspace](#input\_enable\_workspace) | Flag to control the module creation. | `bool` | `false` | no |

|  [increase\_volume\_size](#input\_increase\_volume\_size) | Whether WorkSpaces directory users can increase the volume size of the drives on their workspace. | `bool` | `true` | no |

|  [ip\_whitelist](#input\_ip\_whitelist) | List of IP's to for whitelist | `list(string)` | 
[
  "103.59.207.249/32"
]
 | no |

|  [name](#input\_name) | Name  (e.g. `app` or `cluster`). | `string` | `""` | no |

|  [rebuild\_workspace](#input\_rebuild\_workspace) | Whether WorkSpaces directory users can rebuild the operating system of a workspace to its original state. | `bool` | `true` | no |

|  [restart\_workspace](#input\_restart\_workspace) | Whether WorkSpaces directory users can restart their workspace. | `bool` | `true` | no |

|  [security\_group\_id](#input\_security\_group\_id) | (optional) If a security group should not be created, the security group id to use. Requires that `create_security_group` be set to `false` | `string` | `null` | no |

|  [short\_name](#input\_short\_name) | The short name of the directory, such as CORP. | `string` | `"CORP"` | no |

|  [subnet\_ids](#input\_subnet\_ids) | VPC Subnet IDs to create workspaces in | `list(string)` | n/a | yes |

|  [switch\_running\_mode](#input\_switch\_running\_mode) | Whether WorkSpaces directory users can switch the running mode of their workspace. | `bool` | `true` | no |

|  [type](#input\_type) | The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values). | `string` | `"SimpleAD"` | no |

|  [user\_enabled\_as\_local\_administrator](#input\_user\_enabled\_as\_local\_administrator) | Indicates whether users are local administrators of their WorkSpaces. | `bool` | `true` | no |

|  [vpc\_settings](#input\_vpc\_settings) | (Required for SimpleAD and MicrosoftAD) VPC related information about the directory. Fields documented below. | `map(string)` | `{}` | no |

|  [workspaces](#input\_workspaces) | Map of workspace configurations | 
map(object({
    bundle_id                                 = string
    user_name                                 = string
    root_volume_encryption_enabled            = optional(bool, false)
    user_volume_encryption_enabled            = optional(bool, false)
    volume_encryption_key                     = optional(string, null)
    compute_type_name                         = optional(string, "VALUE")
    user_volume_size_gib                      = optional(number, 10)
    root_volume_size_gib                      = optional(number, 80)
    running_mode                              = optional(string, "AUTO_STOP")
    running_mode_auto_stop_timeout_in_minutes = optional(number, 60)
  }))
 | `{}` | no |

## Resources


| Name | Type |

|------|------|

| [aws_directory_service_directory.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/directory_service_directory) | resource |

| [aws_iam_role.workspaces_default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |

| [aws_iam_role_policy_attachment.workspaces_custom_s3_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |

| [aws_iam_role_policy_attachment.workspaces_default_self_service_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |

| [aws_iam_role_policy_attachment.workspaces_default_service_access](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |

| [aws_workspaces_directory.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/workspaces_directory) | resource |

| [aws_workspaces_ip_group.ipgroup](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/workspaces_ip_group) | resource |

| [aws_workspaces_workspace.workspace_ad](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/workspaces_workspace) | resource |

| [aws_iam_policy_document.workspaces](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |

| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |

| [aws_workspaces_bundle.bundle](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/workspaces_bundle) | data source |

## Outputs

| Name | Description |

|------|-------------|

|  [ad\_id](#output\_ad\_id) | outputs of aws workspaces directory id |

# 🚀 Built by opsZero!



[opsZero](https://opszero.com) provides software and consulting for Cloud + AI. With our decade plus of experience scaling some of the world’s most innovative companies we have developed deep expertise in Kubernetes, DevOps, FinOps, and Compliance.

Our software and consulting solutions enable organizations to:

- migrate workloads to the Cloud

- setup compliance frameworks including SOC2, HIPAA, PCI-DSS, ITAR, FedRamp, CMMC, and more.

- FinOps solutions to reduce the cost of running Cloud workloads

- Kubernetes optimized for web scale and AI workloads

- finding underutilized Cloud resources

- setting up custom AI training and delivery

- building data integrations and scrapers

- modernizing onto modern ARM based processors

We do this with a high-touch support model where you:

- Get access to us on Slack, Microsoft Teams or Email

- Get 24/7 coverage of your infrastructure

- Get an accelerated migration to Kubernetes

Please [schedule a call](https://calendly.com/opszero-llc/discovery) if you need support.