| admin_password |
The administrative user password. No special characters |
string |
n/a |
yes |
| agent_hdd_size_gb |
The HDD size for Kasm Agent nodes |
number |
n/a |
yes |
| agent_instance_type |
The instance type for the Agents |
string |
"t3.medium" |
no |
| agent_security_rules |
A map of objects of security rules to apply to the Kasm WebApp server |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"https": {
"from_port": 443,
"protocol": "tcp",
"to_port": 443
}
} |
no |
| anywhere |
Anywhere route subnet |
string |
"0.0.0.0/0" |
no |
| aws_domain_name |
The Route53 Zone used for the dns entries. This must already exist in the AWS account. (e.g dev.kasm.contoso.com). The deployment will be accessed via this zone name via https |
string |
n/a |
yes |
| aws_key_pair |
The name of an aws keypair to use. |
string |
n/a |
yes |
| aws_region |
The AWS region for the deployment. (e.g us-east-1) |
string |
n/a |
yes |
| aws_ssm_iam_role_name |
The name of the SSM EC2 role to associate with Kasm VMs for SSH access |
string |
"" |
no |
| aws_ssm_instance_profile_name |
The name of the SSM EC2 Instance Profile to associate with Kasm VMs for SSH access |
string |
"" |
no |
| cpx_hdd_size_gb |
The HDD size for Kasm Guac RDP nodes |
number |
n/a |
yes |
| cpx_instance_type |
The instance type for the cpxamole RDP nodes |
string |
"t3.medium" |
no |
| cpx_security_rules |
A map of objects of security rules to apply to the Kasm Connection Proxy server |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"https": {
"from_port": 443,
"protocol": "tcp",
"to_port": 443
}
} |
no |
| create_aws_ssm_iam_role |
Create an AWS SSM IAM role to attach to VMs for SSH/console access to VMs. |
bool |
false |
no |
| database_password |
The password for the database. No special characters |
string |
n/a |
yes |
| db_hdd_size_gb |
The HDD size for Kasm DB |
number |
n/a |
yes |
| db_instance_type |
The instance type for the Database |
string |
"t3.small" |
no |
| db_security_rules |
A map of objects of security rules to apply to the Kasm DB |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"postgres": {
"from_port": 5432,
"protocol": "tcp",
"to_port": 5432
}
} |
no |
| default_egress |
Default egress security rule for all security groups |
map(object({
from_port = number
to_port = number
protocol = string
cidr_subnets = list(string)
})) |
{
"all": {
"cidr_subnets": [
"0.0.0.0/0"
],
"from_port": 0,
"protocol": "-1",
"to_port": 0
}
} |
no |
| ec2_ami |
The AMI used for the EC2 nodes. Recommended Ubuntu 20.04 LTS. |
string |
n/a |
yes |
| kasm_build |
The URL for the Kasm Workspaces build |
string |
n/a |
yes |
| kasm_zone_name |
A name given to the kasm deployment Zone |
string |
"default" |
no |
| manager_token |
The manager token value for Agents to authenticate to webapps. No special characters |
string |
n/a |
yes |
| num_agents |
The number of Agent Role Servers to create in the deployment |
number |
2 |
no |
| num_cpx_nodes |
The number of cpx RDP Role Servers to create in the deployment |
number |
2 |
no |
| num_webapps |
The number of WebApp role servers to create in the deployment |
number |
2 |
no |
| private_lb_security_rules |
A map of objects of security rules to apply to the Private ALB |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"https": {
"from_port": 443,
"protocol": "tcp",
"to_port": 443
}
} |
no |
| project_name |
The name of the deployment (e.g dev, staging). A short single word |
string |
n/a |
yes |
| public_lb_security_rules |
A map of objects of security rules to apply to the Public ALB |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"http": {
"from_port": 80,
"protocol": "tcp",
"to_port": 80
},
"https": {
"from_port": 443,
"protocol": "tcp",
"to_port": 443
}
} |
no |
| service_registration_token |
The service registration token value for cpx RDP servers to authenticate to webapps. No special characters |
string |
n/a |
yes |
| swap_size |
The amount of swap (in MB) to configure inside the compute instances |
number |
n/a |
yes |
| user_password |
The standard (non administrator) user password. No special characters |
string |
n/a |
yes |
| vpc_subnet_cidr |
The subnet CIDR to use for the VPC |
string |
"10.0.0.0/16" |
no |
| web_access_cidrs |
CIDR notation of the bastion host allowed to SSH in to the machines |
list(string) |
[
"0.0.0.0/0"
] |
no |
| webapp_hdd_size_gb |
The HDD size for Kasm Webapp nodes |
number |
n/a |
yes |
| webapp_instance_type |
The instance type for the webapps |
string |
"t3.small" |
no |
| webapp_security_rules |
A map of objects of security rules to apply to the Kasm WebApp server |
object({
from_port = number
to_port = number
protocol = string
}) |
{
"from_port": 443,
"protocol": "tcp",
"to_port": 443
} |
no |
| windows_security_rules |
A map of objects of security rules to apply to the Kasm Windows VMs |
map(object({
from_port = number
to_port = number
protocol = string
})) |
{
"cpx_api": {
"from_port": 4902,
"protocol": "tcp",
"to_port": 4902
},
"cpx_rdp": {
"from_port": 3389,
"protocol": "tcp",
"to_port": 3389
},
"webapp_api": {
"from_port": 4902,
"protocol": "tcp",
"to_port": 4902
}
} |
no |
