#Module : LABEL
#Description : Terraform label module variables.
# Label input: base name of the resource. Defaults to an empty string.
variable "name" {
  description = "Name (e.g. `app` or `cluster`)."
  type        = string
  default     = ""
}
# Label input: deployment environment. Defaults to an empty string.
variable "environment" {
  description = "Environment (e.g. `prod`, `dev`, `staging`)."
  type        = string
  default     = ""
}
# Label input: order in which label components are joined. An empty list is
# the default; how it is interpreted is decided by the label module.
variable "label_order" {
  description = "Label order, e.g. `name`,`application`."
  type        = list(any)
  default     = []
}
# Label input: owner recorded on the created resources.
# NOTE(review): the default below looks like an e-mail address that was masked
# when this page was captured; confirm the real value in the repository.
variable "managedby" {
  description = "ManagedBy, eg 'CloudDrove' or 'AnmolNagpal'."
  type        = string
  default     = "[email protected]"
}
# DNS server addresses of the existing domain to connect to.
# NOTE(review): the description says "(Required)", but the empty-list default
# makes this optional at the module interface, so a missing value is not caught
# at plan time by this declaration.
variable "customer_dns_ips" {
  description = "(Required) The DNS IP addresses of the domain to connect to."
  type        = list(string)
  default     = []
}
# Account name that pairs with the directory password.
# NOTE(review): described as "(Required)" but defaults to an empty string, so
# the declaration itself does not enforce that a value is supplied.
variable "customer_username" {
  description = "(Required) The username corresponding to the password provided."
  type        = string
  default     = ""
}
# VPC identifier. Defaults to an empty string.
# NOTE(review): the description only says "default vpc"; which resources
# consume this ID is not visible in this file.
variable "vpc_id" {
  description = "default vpc"
  type        = string
  default     = ""
}
# SSM parameter path. The default ends in `/password`, so it presumably holds a
# directory credential.
# NOTE(review): confirm in the module body that the parameter is created as a
# SecureString and that read access to this path is restricted.
# NOTE(review): the description is identical to `ssm_parameter_name`; the
# default path suggests this one is for the AD Connector case; confirm.
variable "ssm_ad_connector_parameter_name" {
  description = "ssm parameter name for microsoft AD"
  type        = string
  default     = "/workspace/Connector/password"
}
# Opt-in switch for creating the SSM parameter; off unless set to true.
variable "create_ssm_parameter" {
  description = "If true, deploy the SSM parameter Active Directory."
  type        = bool
  default     = false
}
# SSM parameter path. The default ends in `/password`, so it presumably holds
# the directory password.
# NOTE(review): confirm in the module body that the parameter is created as a
# SecureString and that read access to this path is restricted.
variable "ssm_parameter_name" {
  description = "ssm parameter name for microsoft AD"
  type        = string
  default     = "/workspace/microsoft-ad/password"
}
# Label input: extra components appended to the generated label.
variable "attributes" {
  description = "Additional attributes (e.g. `1`)."
  type        = list(any)
  default     = []
}
# Label input: URL of the repository that hosts this module.
variable "repository" {
  description = "Terraform current module repo"
  type        = string
  default     = "https://github.com/clouddrove/terraform-aws-active-directory"
}
#Description : Active Directory Terraform modules variables
# Master switch for the module; on by default.
variable "enabled" {
  description = "Flag to control the module creation."
  type        = bool
  default     = true
}
# VPC placement details for the directory, passed as a string map.
# NOTE(review): described as required for SimpleAD and MicrosoftAD, yet the
# default is an empty map, so this declaration does not enforce it.
variable "vpc_settings" {
  description = "(Required for SimpleAD and MicrosoftAD) VPC related information about the directory. Fields documented below."
  type        = map(string)
  default     = {}
}
# Fully qualified domain name of the directory. The default is an example
# value and is meant to be overridden.
variable "directory_name" {
  description = " The fully qualified name for the directory, such as corp.example.com"
  type        = string
  default     = "corp.example.com"
}
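# Size of the directory. The module default is "Small"; the description
# previously claimed "Large by default", which contradicted the declared
# default and has been corrected.
variable "directory_size" {
  description = "The size of the directory (Small or Large are accepted values). Small by default."
  type        = string
  default     = "Small"

  # Reject typos at plan time instead of at apply time. An explicit null is
  # still allowed so existing callers that pass null keep working.
  validation {
    condition     = var.directory_size == null ? true : contains(["Small", "Large"], var.directory_size)
    error_message = "The directory_size value must be either Small or Large."
  }
}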
# Password for the directory administrator or the connector user.
# `sensitive = true` redacts the value from plan/apply output only; Terraform
# still writes it to the state file, so the state backend must be encrypted
# and access-controlled.
# NOTE(review): the default is an empty string, so a caller who forgets to set
# this is not stopped by the declaration; confirm how the module body handles
# an empty password.
variable "ad_password" {
  description = "The password for the directory administrator or connector user."
  type        = string
  default     = ""
  sensitive   = true
}
# Rules for the IP access control group. Each rule pairs a `source` with a
# `description`.
# NOTE(review): the default is an empty list; confirm how the module body
# treats it, since that decides whether access is restricted by source
# address at all.
variable "ip_rules" {
  description = "List of IP rules"
  type = list(object({
    source      = string
    description = string
  }))
  default = []
}
# Free-text description attached to the IP access control group.
variable "ip_group_description" {
  description = "IP access control group description."
  type        = string
  default     = "IP Access Control Group for environment."
}
# ARN of an additional IAM policy. Empty by default.
# NOTE(review): which role the policy is attached to is not visible in this
# file; review the attachment before passing a broad policy.
variable "custom_policy" {
  description = "Custom policy ARN"
  type        = string
  default     = ""
}
#############################################
# Self-service actions that WorkSpaces directory users may perform on their
# own workspace. All five actions are enabled by default.
variable "self_service_permissions" {
  description = "Self-service permissions configuration."
  type = object({
    change_compute_type  = bool
    increase_volume_size = bool
    rebuild_workspace    = bool
    restart_workspace    = bool
    switch_running_mode  = bool
  })
  default = {
    # Users can change the compute type (bundle) of their workspace.
    change_compute_type = true
    # Users can increase the volume size of the drives on their workspace.
    increase_volume_size = true
    # Users can rebuild the operating system of a workspace to its original state.
    rebuild_workspace = true
    # Users can restart their workspace.
    restart_workspace = true
    # Users can switch the running mode of their workspace.
    switch_running_mode = true
  }
}
# Per-client-type access switches for the WorkSpaces directory.
# NOTE(review): every client type defaults to "ALLOW". Callers that want to
# limit access to specific client types must override the relevant keys.
variable "workspace_access_properties" {
  description = "Workspace access properties configuration."
  type = object({
    device_type_android    = string
    device_type_chromeos   = string
    device_type_ios        = string
    device_type_linux      = string
    device_type_osx        = string
    device_type_web        = string
    device_type_windows    = string
    device_type_zeroclient = string
  })
  default = {
    # Android devices.
    device_type_android = "ALLOW"
    # Chromebooks.
    device_type_chromeos = "ALLOW"
    # iOS devices.
    device_type_ios = "ALLOW"
    # Linux devices.
    device_type_linux = "ALLOW"
    # macOS clients.
    device_type_osx = "ALLOW"
    # Access through a web browser.
    device_type_web = "ALLOW"
    # Windows clients.
    device_type_windows = "ALLOW"
    # Zero client devices.
    device_type_zeroclient = "ALLOW"
  }
}
# Defaults applied to WorkSpaces created in the directory.
# NOTE(review): out of the box, internet access is enabled and users are
# local administrators of their WorkSpaces. Callers that need a
# least-privilege posture must override both values explicitly.
variable "workspace_creation_properties" {
  description = "Workspace creation properties configuration."
  type = object({
    custom_security_group_id            = string
    default_ou                          = string
    enable_internet_access              = bool
    enable_maintenance_mode             = bool
    user_enabled_as_local_administrator = bool
  })
  default = {
    # Identifier of any custom security group applied to the WorkSpaces directory.
    custom_security_group_id = ""
    # Organizational unit (OU) in the directory for the WorkSpace machine accounts.
    default_ou = ""
    # Whether internet access is enabled for the WorkSpaces.
    enable_internet_access = true
    # Whether maintenance mode is enabled for the WorkSpaces.
    enable_maintenance_mode = false
    # Whether users are local administrators of their WorkSpaces.
    user_enabled_as_local_administrator = true
  }
}
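# Kind of directory to create. Defaults to SimpleAD.
variable "directory_type" {
  description = "The directory type (SimpleAD, ADConnector or MicrosoftAD are accepted values)."
  type        = string
  default     = "SimpleAD"

  # Catch a misspelled type at plan time. An explicit null is still allowed so
  # existing callers that pass null keep working.
  validation {
    condition     = var.directory_type == null ? true : contains(["SimpleAD", "ADConnector", "MicrosoftAD"], var.directory_type)
    error_message = "The directory_type value must be one of SimpleAD, ADConnector or MicrosoftAD."
  }
}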
# Single sign-on switch for the directory; off by default. Per the
# description, an alias must be set when this is enabled.
variable "enable_sso" {
  description = "Whether to enable single-sign on for the directory. Requires alias."
  type        = bool
  default     = false
}
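# Alias for the directory. The previous description was a copy of the
# `directory_type` text and did not describe this variable.
variable "alias" {
  description = "The alias for the directory (must be unique amongst all aliases in AWS). Required for enable_sso."
  type        = string
  default     = ""
}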
# Human-readable description stored on the directory.
variable "description" {
  description = "A textual description for the directory."
  type        = string
  default     = "Default Active Directory"
}
# Short name of the directory. The default "CORP" is an example value.
variable "short_name" {
  description = "The short name of the directory, such as CORP."
  type        = string
  default     = "CORP"
}
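# Edition used for a MicrosoftAD directory. Defaults to Standard.
variable "edition" {
  description = "The MicrosoftAD edition (Standard or Enterprise)."
  type        = string
  default     = "Standard"

  # Catch a misspelled edition at plan time. An explicit null is still allowed
  # so existing callers that pass null keep working.
  validation {
    condition     = var.edition == null ? true : contains(["Standard", "Enterprise"], var.edition)
    error_message = "The edition value must be either Standard or Enterprise."
  }
}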
# Subnets in the VPC. Defaults to null, i.e. unset.
# NOTE(review): how the module body handles the null default is not visible
# in this file.
variable "subnet_ids" {
  description = "List of subnets in VPC"
  type        = list(string)
  default     = null
}
# Name of the IAM role used by AWS WorkSpaces. AWS WorkSpaces requires the
# exact name "workspaces_DefaultRole", so the default should not be changed.
variable "workspaces_role_name" {
  description = "The name of the IAM role for AWS WorkSpaces. It must be 'workspaces_DefaultRole' to meet AWS requirements."
  type        = string
  default     = "workspaces_DefaultRole"
}
# Optional replacement for the trust (assume-role) policy of the WorkSpaces
# role. Null by default.
# NOTE(review): a trust policy decides who may assume the role; a custom
# document should presumably stay limited to the WorkSpaces service principal.
# Confirm against the module's built-in policy before overriding.
variable "custom_assume_role_policy" {
  description = "Optional custom assume role policy for WorkSpaces role"
  type        = string
  default     = null
}