kasm-terraform/aws/multi_region/primary
2025-09-03 19:29:04 +00:00
| File | Last commit | Date |
|------|-------------|------|
| cert.tf | Simplified TF, added CPX, updated download URL | 2024-02-12 22:45:26 +00:00 |
| db.tf | KASM-7433 "Feature/ update ancillary repos that handle install stigs etc for removal of share functionality" | 2025-09-03 19:29:04 +00:00 |
| dependencies.tf | AWS deployments validated with 1.14 | 2024-02-14 14:08:36 +00:00 |
| lb_s3_log_bucket.tf | AWS deployments validated with 1.14 | 2024-02-14 14:08:36 +00:00 |
| output.tf | Simplified TF, added CPX, updated download URL | 2024-02-12 22:45:26 +00:00 |
| provider.tf | Simplified TF, added CPX, updated download URL | 2024-02-12 22:45:26 +00:00 |
| README.md | KASM-7433 "Feature/ update ancillary repos that handle install stigs etc for removal of share functionality" | 2025-09-03 19:29:04 +00:00 |
| routes.tf | AWS deployments validated with 1.14 | 2024-02-14 14:08:36 +00:00 |
| security_group.tf | AWS deployments validated with 1.14 | 2024-02-14 14:08:36 +00:00 |
| ssm.tf | AWS deployments validated with 1.14 | 2024-02-14 14:08:36 +00:00 |
| subnet.tf | Simplified TF, added CPX, updated download URL | 2024-02-12 22:45:26 +00:00 |
| variables.tf | KASM-7433 "Feature/ update ancillary repos that handle install stigs etc for removal of share functionality" | 2025-09-03 19:29:04 +00:00 |
| vpc.tf | Simplified TF, added CPX, updated download URL | 2024-02-12 22:45:26 +00:00 |

primary

Requirements

| Name | Version |
|------|---------|
| terraform | ~> 1.0 |
| aws | ~> 5.0 |

Providers

| Name | Version |
|------|---------|
| aws | 5.36.0 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_acm_certificate.this | resource |
| aws_acm_certificate_validation.this | resource |
| aws_eip.this | resource |
| aws_iam_instance_profile.this | resource |
| aws_iam_role.this | resource |
| aws_iam_role_policy_attachment.this | resource |
| aws_instance.db | resource |
| aws_internet_gateway.this | resource |
| aws_nat_gateway.this | resource |
| aws_route53_record.certificate | resource |
| aws_route_table.internet_gateway | resource |
| aws_route_table.nat_gateway | resource |
| aws_route_table_association.agent | resource |
| aws_route_table_association.alb | resource |
| aws_route_table_association.cpx | resource |
| aws_route_table_association.db | resource |
| aws_route_table_association.webapp | resource |
| aws_route_table_association.windows | resource |
| aws_s3_bucket.this | resource |
| aws_s3_bucket_policy.this | resource |
| aws_s3_bucket_public_access_block.this | resource |
| aws_s3_bucket_server_side_encryption_configuration.this | resource |
| aws_security_group.agent | resource |
| aws_security_group.cpx | resource |
| aws_security_group.db | resource |
| aws_security_group.public_lb | resource |
| aws_security_group.webapp | resource |
| aws_security_group.windows | resource |
| aws_security_group_rule.agent | resource |
| aws_security_group_rule.agent_egress | resource |
| aws_security_group_rule.cpx | resource |
| aws_security_group_rule.cpx_egress | resource |
| aws_security_group_rule.db | resource |
| aws_security_group_rule.db_egress | resource |
| aws_security_group_rule.public_lb | resource |
| aws_security_group_rule.public_lb_egress | resource |
| aws_security_group_rule.webapp_agent | resource |
| aws_security_group_rule.webapp_cpx | resource |
| aws_security_group_rule.webapp_egress | resource |
| aws_security_group_rule.webapp_public_lb | resource |
| aws_security_group_rule.webapp_windows | resource |
| aws_security_group_rule.windows | resource |
| aws_security_group_rule.windows_egress | resource |
| aws_subnet.agent | resource |
| aws_subnet.alb | resource |
| aws_subnet.cpx | resource |
| aws_subnet.db | resource |
| aws_subnet.webapp | resource |
| aws_subnet.windows | resource |
| aws_vpc.this | resource |
| aws_availability_zones.available | data source |
| aws_elb_service_account.main | data source |
| aws_iam_policy_document.this | data source |
| aws_route53_zone.this | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| admin_password | The administrative user password. No special characters | `string` | n/a | yes |
| agent_security_rules | A map of objects of security rules to apply to the Kasm WebApp server | `map(object({ from_port = number, to_port = number, protocol = string }))` | `{ "https": { "from_port": 443, "protocol": "tcp", "to_port": 443 } }` | no |
| anywhere | Anywhere subnet for routing and load ingress from all IPs | `string` | `"0.0.0.0/0"` | no |
| aws_domain_name | The Route53 Zone used for the DNS entries. This must already exist in the AWS account (e.g. dev.kasm.contoso.com). The deployment will be accessed at this zone name over HTTPS | `string` | n/a | yes |
| aws_key_pair | The name of an AWS key pair to use. | `string` | n/a | yes |
| aws_region | The AWS region for the deployment (e.g. us-east-1) | `string` | n/a | yes |
| aws_ssm_iam_role_name | The name of the SSM EC2 role to associate with Kasm VMs for SSH access | `string` | `""` | no |
| aws_ssm_instance_profile_name | The name of the SSM EC2 Instance Profile to associate with Kasm VMs for SSH access | `string` | `""` | no |
| cpx_security_rules | A map of objects of security rules to apply to the Kasm Connection Proxy server | `map(object({ from_port = number, to_port = number, protocol = string }))` | `{ "https": { "from_port": 443, "protocol": "tcp", "to_port": 443 } }` | no |
| create_aws_ssm_iam_role | Create an AWS SSM IAM role to attach to VMs for SSH/console access to VMs. | `bool` | `false` | no |
| database_password | The password for the database. No special characters | `string` | n/a | yes |
| db_hdd_size_gb | The HDD size in GB to configure for the Kasm Database instances | `number` | n/a | yes |
| db_instance_type | The instance type for the Database | `string` | n/a | yes |
| db_security_rules | A map of objects of security rules to apply to the Kasm DB | `map(object({ from_port = number, to_port = number, protocol = string }))` | `{ "postgres": { "from_port": 5432, "protocol": "tcp", "to_port": 5432 } }` | no |
| default_egress | Default egress security rule for all security groups | `map(object({ from_port = number, to_port = number, protocol = string, cidr_subnets = list(string) }))` | `{ "all": { "cidr_subnets": [ "0.0.0.0/0" ], "from_port": 0, "protocol": "-1", "to_port": 0 } }` | no |
| ec2_ami | The AMI used for the EC2 nodes. Recommended Ubuntu 22.04 LTS. | `string` | n/a | yes |
| kasm_build | The URL for the Kasm Workspaces build | `string` | n/a | yes |
| manager_token | The manager token value for Agents to authenticate to webapps. No special characters | `string` | n/a | yes |
| num_cpx_nodes | The number of cpx RDP role servers to create in the deployment | `number` | n/a | yes |
| num_webapps | The number of WebApp role servers to create in the deployment | `number` | n/a | yes |
| project_name | The name of the deployment (e.g. dev, staging). A short single word | `string` | n/a | yes |
| public_lb_security_rules | A map of objects of security rules to apply to the Public ALB | `map(object({ from_port = number, to_port = number, protocol = string }))` | `{ "http": { "from_port": 80, "protocol": "tcp", "to_port": 80 }, "https": { "from_port": 443, "protocol": "tcp", "to_port": 443 } }` | no |
| service_registration_token | The service registration token value for cpx RDP servers to authenticate to webapps. No special characters | `string` | n/a | yes |
| swap_size | The amount of swap (in MB) to configure inside the compute instances | `number` | n/a | yes |
| user_password | The standard (non administrator) user password. No special characters | `string` | n/a | yes |
| vpc_subnet_cidr | The subnet CIDR to use for the Primary VPC | `string` | n/a | yes |
| web_access_cidrs | List of Networks in CIDR notation for IPs allowed to access the Kasm Web interface | `list(string)` | n/a | yes |
| webapp_security_rules | A map of objects of security rules to apply to the Kasm WebApp server | `map(object({ from_port = number, to_port = number, protocol = string }))` | `{ "https": { "from_port": 443, "protocol": "tcp", "to_port": 443 } }` | no |
| windows_security_rules | A map of objects of security rules to apply to the Kasm Windows VMs | `map(object({ from_port = number, to_port = number, protocol = string }))` | `{ "cpx_api": { "from_port": 4902, "protocol": "tcp", "to_port": 4902 }, "cpx_rdp": { "from_port": 3389, "protocol": "tcp", "to_port": 3389 }, "webapp_api": { "from_port": 4902, "protocol": "tcp", "to_port": 4902 } }` | no |
| zone_name | A name given to the kasm deployment Zone | `string` | `"default"` | no |

Outputs

| Name | Description |
|------|-------------|
| agent_security_group_id | Kasm Agent Primary region security group ID |
| agent_subnet_id | Kasm Agent Primary region subnet ID |
| certificate_arn | AWS Certificate manager certificate ARN |
| cpx_security_group_id | Kasm Connection Proxy Primary region security group ID |
| cpx_subnet_id | Kasm cpx RDP Primary region subnet ID |
| kasm_db_ip | Kasm Database server subnet ID |
| lb_log_bucket | Load balancer logging bucket name |
| lb_security_group_id | Kasm Load balancer security group ID |
| lb_subnet_ids | A list of the Public LB subnet IDs |
| nat_gateway_ip | The NAT Gateway IP returned in CIDR notation for use with Windows security group rules |
| primary_vpc_id | Kasm VPC ID |
| ssm_iam_profile | The SSM IAM Instance Profile name |
| webapp_security_group_id | Kasm Webapp security group ID |
| webapp_subnet_ids | A list of the Kasm Webapp subnet IDs |
| windows_security_group_id | Kasm Windows Primary region security group ID |
| windows_subnet_id | Kasm Windows Primary region subnet ID |