| agent_hdd_size_gb |
The HDD size for agents |
number |
n/a |
yes |
| agent_instance_type |
The instance type for the agents |
string |
n/a |
yes |
| agent_security_rules |
A map of objects of security rules to apply to the Kasm WebApp server |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"https": {
"from_port": 443,
"protocol": "tcp",
"to_port": 443
}
} |
no |
| agent_vpc_cidr |
Subnet CIDR range for Agent VPC |
string |
n/a |
yes |
| anywhere |
Anywhere subnet for routing and load ingress from all IPs |
string |
"0.0.0.0/0" |
no |
| aws_domain_name |
The Route53 Zone used for the dns entries. This must already exist in the AWS account. (e.g dev.kasm.contoso.com). The deployment will be accessed via this zone name via https |
string |
n/a |
yes |
| aws_key_pair |
The name of an aws keypair to use. |
string |
n/a |
yes |
| aws_region |
The AWS region for the deployment. (e.g us-east-1) |
string |
n/a |
yes |
| aws_ssm_instance_profile_name |
The name of the SSM EC2 Instance Profile to associate with Kasm VMs for SSH access |
string |
"" |
no |
| cpx_hdd_size_gb |
The HDD size for Kasm Guac RDP nodes |
number |
n/a |
yes |
| cpx_instance_type |
The instance type for the cpx RDP nodes |
string |
n/a |
yes |
| cpx_security_rules |
A map of objects of security rules to apply to the Kasm Connection Proxy server |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"https": {
"from_port": 443,
"protocol": "tcp",
"to_port": 443
}
} |
no |
| default_egress |
Default egress security rule for all security groups |
map(object({
from_port = number
to_port = number
protocol = string
cidr_subnets = list(string)
})) |
{
"all": {
"cidr_subnets": [
"0.0.0.0/0"
],
"from_port": 0,
"protocol": "-1",
"to_port": 0
}
} |
no |
| ec2_ami |
The AMI used for the EC2 nodes. Recommended Ubuntu 20.04 LTS. |
string |
n/a |
yes |
| kasm_build |
The URL for the Kasm Workspaces build |
string |
n/a |
yes |
| management_region_nat_gateway |
A list Kasm management region NAT gateways to allow Webapps ingress on 4902 to Kasm Windows agent |
string |
n/a |
yes |
| manager_token |
The password for the database. No special characters |
string |
n/a |
yes |
| num_agents |
The number of Agent Role Servers to create in the deployment |
number |
n/a |
yes |
| num_cpx_nodes |
The number of cpx Role Servers to create in the deployment |
number |
n/a |
yes |
| num_proxy_nodes |
The number of Dedicated Proxy nodes to create in the deployment |
number |
2 |
no |
| project_name |
The name of the deployment (e.g dev, staging). A short single word |
string |
n/a |
yes |
| proxy_hdd_size_gb |
The HDD size for Dedicated Proxy nodes |
number |
n/a |
yes |
| proxy_instance_type |
The instance type for the dedicated proxy nodes |
string |
n/a |
yes |
| proxy_security_rules |
A map of objects of security rules to apply to the Kasm WebApp server |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"https": {
"from_port": 443,
"protocol": "tcp",
"to_port": 443
}
} |
no |
| public_lb_security_rules |
A map of objects of security rules to apply to the Public ALB |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"http": {
"from_port": 80,
"protocol": "tcp",
"to_port": 80
},
"https": {
"from_port": 443,
"protocol": "tcp",
"to_port": 443
}
} |
no |
| service_registration_token |
The service registration token value for cpx RDP servers to authenticate to webapps. No special characters |
string |
n/a |
yes |
| swap_size |
The amount of swap (in MB) to configure inside the compute instances |
number |
n/a |
yes |
| web_access_cidrs |
List of Networks in CIDR notation for IPs allowed to access the Kasm Web interface |
list(string) |
[
"0.0.0.0/0"
] |
no |
| windows_security_rules |
A map of objects of security rules to apply to the Kasm Windows VMs |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"api": {
"from_port": 4902,
"protocol": "tcp",
"to_port": 4902
},
"rdp": {
"from_port": 3389,
"protocol": "tcp",
"to_port": 3389
}
} |
no |
