Problems with deploying aws workspaces with terraform

Terraform Providers AWS
1

Hello friends how are you? I am going to tell you about the problem I am having.

Currently I am having a problem that where I work we are wanting to display aws workspaces with terraform. ONLY THE WORKSPACE.

The issue I have is that the directory service I have is with a ManagedAD with which I established a trust relationship with my domain “domain.local” (for example).

When creating the workspaces what I want is that the user for which I will create the workspace is for one of my domain and not for one of my “AWS domain (also called ManagedAD)”. Here I show you my code: terraform.tfvars


user2 = "pepe.argento" 
package_1 = "wsb-bh8rsxt14" #Paquete de Windows para Workspace
main_directory = "d-*" #ID directory for my directory service (the Id of the directory I pass it complete, this is an example)
domain.local = "t-*" (the Id of the directory I pass it complete, this is an example)

variables.tf

variable "user2" {}
output "user2" {
  value = var.user2
}
variable "package_1" {}
output "package_1" {
  value = var.package_1
}
variable "main_directory" {}
output "main_directory" {
  value = var.main_directory
}
variable "domain_local" {}
output "domain_local" {
  value = var.domain_local
}

aws_workspaces_workspace.tf

data "aws_workspaces_bundle" "value_windows_10" {
  bundle_id = "wsb-bh8rsxt14" # Value with Windows 10 (English)
}

resource "aws_workspaces_workspace" "Workspace1" {
  directory_id = var.main_directory.id
  bundle_id    = data.aws_workspaces_bundle.value_windows_10.id
  user_name    = var.user2

#root_volume_encryption_enabled = true
 # user_volume_encryption_enabled = true
 # volume_encryption_key          = "alias/aws/workspaces"

  workspace_properties {
    compute_type_name                         = "VALUE"
    user_volume_size_gib                      = 50
    root_volume_size_gib                      = 80
    running_mode                              = "AUTO_STOP"
    running_mode_auto_stop_timeout_in_minutes = 60
  }

  tags = {
    Area = "Finance"
  }
}

My problem is that the workspaces that I am trying to create I want to be used by a user of my on-premises domain with whom I have a trust relationship and not with a user of my directory service. Can you help me how to set that I go to look for it in my on-premise forest with which I have a trust relationship?

2

Hi! Did you figure out how to do this? I’m facing the same problem.