Skip to content

volocloud_tenancy_account_module_azure_vdi

Tenancy Account Module Azure VDI resource configuration main schema.

Example Usage

# Example using Azure VDI module to create a pooled AVD host pool joined to Microsoft Entra Domain Services
resource "volocloud_tenancy_account_module_azure_vdi" "example" {
  account_id = "00000000-0000-0000-0000-000000000000"
  configuration = {
    abbreviation      = "expl"
    directory_service = "AADDS"
    host_pools = [
      {
        abbreviation             = "tst"
        maximum_sessions_allowed = 1
        number_of_session_hosts  = 1
        password_rotation_days   = 0
        scaling_plan = {
          schedules = [
            # This is meant to keep things 100% turned off outside of ramp-up and peak perioads
            {
              days_of_week = [
                "Monday",
                "Tuesday",
                "Wednesday",
                "Thursday",
                "Friday",
                "Saturday",
                "Sunday",
              ]
              name                                 = "week-schedule"
              off_peak_load_balancing_algorithm    = "DepthFirst"
              off_peak_start_time                  = "22:00"
              peak_load_balancing_algorithm        = "BreadthFirst"
              peak_start_time                      = "09:00"
              ramp_down_capacity_threshold_percent = 100
              ramp_down_force_logoff_users         = true
              ramp_down_load_balancing_algorithm   = "DepthFirst"
              ramp_down_minimum_hosts_percent      = 0
              ramp_down_notification_message       = "You will be logged off in 30 min. Make sure to save your work."
              ramp_down_start_time                 = "18:00"
              ramp_down_stop_hosts_when            = "ZeroActiveSessions"
              ramp_down_wait_time_minutes          = 30
              ramp_up_capacity_threshold_percent   = 100
              ramp_up_load_balancing_algorithm     = "BreadthFirst"
              ramp_up_minimum_hosts_percent        = 100
              ramp_up_start_time                   = "08:00"
            },
          ]
          timezone = "UTC"
        }
        session_host_image = {
          new_gallery_image = {
            name  = "example-small"
            offer = "windows-11"
            sku   = "win11-23h2-ent"
          }
        }
        type = "pooled"
        vm = {
          sku = "Standard_B2as_v2"
          spot = {
            enabled         = true
            eviction_policy = "Deallocate"
            max_bid_price   = -1
          }
        }
      }
    ]
    storage_account = {
      file_shares = [
        {
          admin_group_id = "ID" # SID or Object ID
          directories = [
            {
              name = "Example"
              permissions = [
                {
                  access = "Modify"
                  id     = "ID" # SID or Object ID
                }
              ]
            },
          ]
          name                         = "example"
          network_drive_mapping_letter = "S"
          quota                        = 250
        }
      ]
    }
  }
  name               = "example"
  tenancy_account_id = "00000000-0000-0000-0000-000000000000"
  tenancy_id         = "00000000-0000-0000-0000-000000000000"
}

Schema

Required

  • account_id (String) Volocloud Account ID associated with this tenancy_account_module.
  • configuration (Attributes) Provides configuration required to setup Azure Virtual Desktop VDI solution. (see below for nested schema)
  • name (String) Name of the Azure Virtual Desktop environment.
  • tenancy_account_id (String) Volocloud Tenancy Account ID.
  • tenancy_id (String) Volocloud Tenancy ID.

Read-Only

  • id (String) ID of the resource computed from the account_id, tenancy_id, tenancy_account_id and module_id separated by : .
  • module_id (String) Volocloud Tenancy Account Module Azure VDI ID.

Nested Schema for configuration

Required:

  • abbreviation (String) This abbreviation will be used to uniquily identify Azure resources created by this module.
  • directory_service (String) The directory service used for authentication. Valid values are: AADDS or AADKERB.
  • host_pools (Attributes List) Azure Virtual Desktop Host Pools configuration. (see below for nested schema)

Optional:

  • encryption_at_host (Boolean) If enabled, it will encrypt all the disks (including the temp disk) attached to the host pool session host VM(s) by enabling Encryption at Host. Defaults to false.
  • firewall_policy_rules (Attributes) Manages a Firewall Policy Rule Collection Group. At least one rule collection (application/network) MUST be specified. (see below for nested schema)
  • fslogix (Attributes) Settings for the storage account used for AVD User Profiles based on FSLogix file share. (see below for nested schema)
  • storage_account (Attributes) Settings for the storage account used for data file shares. (see below for nested schema)
  • tags (Map of String) Key-value map of resource tags for all the resources created by this.

Nested Schema for configuration.host_pools

Required:

  • abbreviation (String) This abbreviation will be used in combination with module abbreviation to uniquily identify Session Host VMs created by this module and joined in the same AD and as such MUST be unique across all host pools deployed in the same Active Directory domain.
  • number_of_session_hosts (Number) How many Session Host VMs should be deployed in the host pool. If both the module abbreviation and host pool abbreviation are 5 chars in length, the host pool will be limited to maximum 99 session hosts due to NETBIOS length limitations.
  • session_host_image (Attributes) Details for the image to be used for the host pool session hosts. MUST provide one of existing_gallery_image_version_id or new_gallery_image (see below for nested schema)
  • type (String) The host pool type to use. Possible values are personal and pooled.

Optional:

  • file_shares (Attributes List) A list of file share objects to create and associated with all host pools part of this module. (see below for nested schema)
  • firewall_policy_rules (Attributes) Manages a Firewall Policy Rule Collection Group. At least one rule collection (application/network) MUST be specified. (see below for nested schema)
  • maximum_sessions_allowed (Number) A valid integer value from 0 to 999999 for the maximum number of users that have concurrent sessions on a session host. Should only be set if the type of your Azure Virtual Desktop Host Pool is pooled. Defaults to 999999.
  • password_rotation_days (Number) Provides the Session Host VMs local admin password rotation in days. Can be a number between 0 and 365 days. If 0 is provided, the password never rotates. Defaults to 90 days.
  • rdp_properties (List of String) Configures the AVD Host Pool RDP properties. Possible values (using the format) are described in Microsoft Documentation. Defaults to ["enablecredsspsupport:i:1","videoplaybackmode:i:1","audiomode:i:0","devicestoredirect:s:*","drivestoredirect:s:*","redirectclipboard:i:1","redirectcomports:i:1","redirectprinters:i:1","redirectsmartcards:i:1","redirectwebauthn:i:1","usbdevicestoredirect:s:*","use multimon:i:1"].
  • scaling_plan (Attributes) Settings for AVD auto-scaling plan. To learn more about how scaling plans work see AVD Autoscale scenarios. (see below for nested schema)
  • scheduled_agent_updates (Attributes) Disabling scheduled updates means that agent updates will automatically be installed by AVD when they become available. (see below for nested schema)
  • timezone (String) Specifies the Time Zone which should be used by the host pool and its associated resources for time based events, the possible values are defined here. Defaults to UTC.
  • validate_environment (Boolean) If true, the host pool will be used for validation the environemt. For more details see here. Defaults to false.
  • vm (Attributes) Settings related to the VM used as a session host in the AVD host pool. (see below for nested schema)

Nested Schema for configuration.host_pools.session_host_image

Optional:

  • existing_gallery_image_version_id (String) The version ID of a gallery image present in the shared Azure compute gallery in the management account. Conflicts with new_gallery_image and should be used if the desired image is already in the Gallery and it's not built part of this module.
  • new_gallery_image (Attributes) Details to create a new Azure Compute Gallery image. The publisher is MicrosoftWindowsDesktop and cannot be changed. Conflicts with existing_gallery_image_version_id. (see below for nested schema)

Required:

  • name (String) The name of the gallery image definition and image template that will be appended with the sku and version values. Needs to be unique across multiple images in the gallery.

Optional:

  • customize (Attributes) This is the customize section of an Azure Image Builder definition file to create a custom image. For more details see Azure Image Builder. (see below for nested schema)
  • offer (String) The Azure Marketplace VM Offer for MicrosoftWindowsDesktop publisher. Possible values are office-365, windows-10 or windows-11. Defaults to windows-11.
  • sku (String) The Azure Marketplace VM SKU for MicrosoftWindowsDesktop publisher. It can be obtained using azure cli or api. Azure CLI example: az vm image list-skus --location southcentralus --offer windows-11 --publisher MicrosoftWindowsDesktop | jq .[].name. Defaults to win11-23h2-avd.
  • versions (Attributes List) The Azure Image Builder image template version(s) to build and use for the session hosts of this host pool. The size of the list should be between 1 and 10 objects. Defaults to [{"in_use":true,"number":0,"triggers":<null>}]. (see below for nested schema)

Optional:

  • add_on_scripts (Attributes List) A list of objects, where the object has details for running a custom powershell script. Due to limitations on Windows Desktop SKUs (e.g. Windows 10/11), the script will always run as system user and elevated. If a software installation cannot run as system user, the script MUST create a local admin user and execute the installation under that user then delete the user at the end of the installation. (see below for nested schema)
  • built_in_scripts (Attributes) These scripts are published in GitHub by Microsoft. (see below for nested schema)
  • retain_build_vm (Boolean) Retains the Azure Image Builder build VM for troubleshooting purposes. For more details see AIB Connect to Build VM. Defaults to false.
  • timeout (Number) Maximum duration to wait while building the image template (includes all customizations, validations, and distributions). This needs to be updated based on how much time is needed to customize your image. Defaults to 120.

Required:

  • name (String) Name of the script to use and save on the image as .ps1 script file.
  • url (String) This can be a public or private URL. The private blob MUST be hosted in the Compute Gallery storage account part of the Management subscription created by Volo Cloud Foundations. If the content of the script requires downloading private files/folders, these need to be uploaded to the same Compute Gallery storage account first and the script MUST use azcopy command to download the files/folder locally and then remove them once finished.

Optional:

  • parameters (Map of String) A map of key/value pairs for the powershell script if it supports any input parameters. The key is the parameter name and the value is the parameter value as encoded as string. The script will be called using the parameter value encapsulated in single quotes.

Optional:

Optional:

  • enabled (Boolean) If true, install and enable multimedia redirection (x64 architecture). Defaults to true.
  • parameters (Map of String) A map with ONLY browsers key and it's values the JSON encoded string containing a list with elements: chrome and/or edge. Defaults to ["edge"].

Optional:

  • enabled (Boolean) If true, enable RDP shortpath for AVD. Defaults to true.

Optional:

  • enabled (Boolean) If true, enable screen capture protection. Defaults to true.
  • parameters (Map of String) A map with ONLY block key and it's value either BlockBoth or BlockClient. Defaults to BlockClient.

Optional:

  • enabled (Boolean) If true, configure session timeouts for AVD. Defaults to true.
  • parameters (Map of String) A map with ONLY active, disconnected, idle and logoff keys and their values are numbers (minutes) as string. Defaults to {active:"1440",disconnected:"120",idle:"60",logoff:"1440"}.

Optional:

  • enabled (Boolean) If true, enable MS Teams optimizations for AVD (x64 architecture). Defaults to true.

Optional:

  • enabled (Boolean) If true, enable user profile for AVD. Defaults to true.
  • parameters (Map of String) A map with ONLY size keys and their values are numbers as string. Defaults to {size:"30000"}.

Optional:

  • enabled (Boolean) If true, enable Windows optimizations for AVD. Defaults to true.
  • parameters (Map of String) A map with ONLY optimizations key and it's values the JSON encoded string containing a list with elements: Autologgers, DefaultUserSettings, DiskCleanup, Edge, LGPO, NetworkOptimizations, RemoveLegacyIE. RemoveOneDrive, ScheduledTasks, Services, WindowsMediaPlayer. Defaults to all except RemoveOneDrive.

Required:

  • number (Number) The Azure Image Builder image template version number to build for the session hosts of this host pool. MUST be between 0 and 9 and MUST be unique across all objects in the list. Defaults to 0

Optional:

  • in_use (Boolean) If provided and it's true, the version will be used for the session hosts of this host pool. If provided and it's false, there will be no version built and as such no VMs deployed using this version. Only one instance of this attribute MUST have a value across the entire list of objects. Defaults to true.
  • triggers (List of String) A list of triggers for the specified virtual machine image template associated with this version. Possible values are SourceImage.

Nested Schema for configuration.host_pools.file_shares

Required:

  • admin_group_id (String) The id of the admin group. for Microsoft Entra Domain Services it MUST be a valid Active Directory security identifier (SID) and for Microsoft Entra ID it MUST be a valid object_id.
  • name (String) The name of the file share. Changing this forces a new resource to be created.
  • network_drive_mapping_letter (String) Creates a network drive mapping using the provided letter in the session hosts associated with all the host pools created by this module. MUST be capital letter from E to Z.

Optional:

  • access_tier (String) The access tier of the File Share where the storage account is configured with a standard performance tier. This is ignored if the storage account is configured with a premium performance tier. Possible values are Cool, Hot or TransactionOptimized. Default to Hot.
  • backup_policy_ids (List of String) One or more backup policy resource ids to be used for this file share. This backup policies MUST exist and you can create it using the tenancy_account rsv attribute configuration.!!! note The maximum number of snapshots that Azure Files can retain is 200. If your combined snapshot count exceeds 200 based on your retention policies, it will result in an error. See this article for more information.
  • directories (Attributes Set) List of directory objects to create in the file share. (see below for nested schema)
  • quota (Number) The size of the file share in GB. If the tier is premium this is the allocation which will be paid for. If the tier is standard this is just an upper limit and will only be charged per consumed storage. Defaults to 500.

Nested Schema for configuration.host_pools.file_shares.directories

Required:

  • name (String) The directory name. MUST start with a letter or underscore. Can contain alphanumeric, underscore, dash, dot or space up to lenght of 128 chars.

Optional:

  • permissions (Attributes Set) A list of Microsoft Entra Domain Services permissions. (see below for nested schema)

Nested Schema for configuration.host_pools.file_shares.directories.permissions

Required:

  • access (String) The access level to configure. Valid values are: FullControl | Modify | Read | Write.
  • id (String) The id of the identity which receives the permissions. for Microsoft Entra Domain Services it MUST be a valid Active Directory security identifier (SID) and for Microsoft Entra ID it MUST be a valid object_id.

Optional:

  • type (String) The type of permission. Valid values are: allow and deny. Defaults to allow.

Nested Schema for configuration.host_pools.firewall_policy_rules

Required:

  • priority (Number) The priority of the Firewall Policy Rule Collection Group. The range is 100-65000. This MUST be unique across all AVD modules in this tenancy.

Optional:

  • application_rule_collections (Attributes List) Manages the application rule collection part of the firewall policy rule collection group. (see below for nested schema)
  • network_rule_collections (Attributes List) Manages the network rule collection part of the firewall policy rule collection group. (see below for nested schema)

Nested Schema for configuration.host_pools.firewall_policy_rules.application_rule_collections

Required:

  • action (String) The action to take for the application rules in this collection. Possible values are Allow and Deny.
  • name (String) The name which should be used for this rule collection.
  • priority (Number) The priority of the application rule collection. The range is 100-65000. This MUST be unique across all AVD modules in this tenancy.
  • rules (Attributes List) One of more application rule objects. (see below for nested schema)

Nested Schema for configuration.host_pools.firewall_policy_rules.application_rule_collections.rules

Required:

  • name (String) The name which should be used for this rule.

Optional:

  • description (String) The description which should be used for this rule.
  • destination_fqdn_tags (List of String) Specifies a list of destination FQDN tags.
  • destination_fqdns (List of String) Specifies a list of destination FQDNs.
  • http_headers (Attributes List) One or more protocol objects. (see below for nested schema)
  • protocols (Attributes List) One or more protocol objects. (see below for nested schema)
  • web_categories (List of String) Specifies a list of web categories to which access is allowed.

Nested Schema for configuration.host_pools.firewall_policy_rules.application_rule_collections.rules.http_headers

Required:

  • name (String) Specifies the name of the header.
  • value (String) Specifies the value of the value.

Nested Schema for configuration.host_pools.firewall_policy_rules.application_rule_collections.rules.protocols

Required:

  • port (Number) Port number of the protocol. Range is 0-64000.
  • type (String) Protocol type. Possible values are Http and Https.

Nested Schema for configuration.host_pools.firewall_policy_rules.network_rule_collections

Required:

  • action (String) The action to take for the network rules in this collection. Possible values are Allow and Deny.
  • name (String) The name which should be used for this rule collection.
  • priority (Number) The priority of the network rule collection. The range is 100-65000. This MUST be unique across all AVD modules in this tenancy.
  • rules (Attributes List) One of more network rule objects. (see below for nested schema)

Nested Schema for configuration.host_pools.firewall_policy_rules.network_rule_collections.rules

Required:

  • destination_ports (List of String) Specifies a list of destination ports.
  • name (String) The name which should be used for this rule.
  • protocols (List of String) Specifies a list of network protocols this rule applies to. Possible values are Any, TCP, UDP, ICMP.

Optional:

  • description (String) The description which should be used for this rule.
  • destination_addresses (List of String) Specifies a list of destination IP addresses (including CIDR, IP range and *) or Service Tags.
  • destination_fqdns (List of String) Specifies a list of destination FQDNs.
  • destination_ip_groups (List of String) Specifies a list of destination IP groups.

Nested Schema for configuration.host_pools.scaling_plan

Optional:

  • enabled (Boolean) If true, enables AVD scaling plan. Defaults to true.
  • schedules (Attributes List) The schedule defines how autoscaling will behave around these phases: Ramp-up, Peak hours, Ramp-down, Off-peak hours. Can have multiple schedules to differentiate between days (e.g. weekdays vs weekends). Defaults to (see below for nested schema)

Nested Schema for configuration.host_pools.scaling_plan.schedules

Optional:

  • days_of_week (List of String) A list of days of the week on which this schedule will be used. Possible values are Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, and Sunday. Defaults to all.
  • name (String) The name of the schedule. Defaults to week-schedule
  • off_peak_load_balancing_algorithm (String) The load Balancing Algorithm to use during Off-Peak Hours. Possible values are DepthFirst and BreadthFirst. Defaults to DepthFirst.
  • off_peak_start_time (String) The time at which Off-Peak scaling will begin. This is also the end-time for the Ramp-Down period. The time must be specified in "HH:MM" format. Defaults to 22:00.
  • peak_load_balancing_algorithm (String) The load Balancing Algorithm to use during Peak Hours. Possible values are DepthFirst and BreadthFirst. Defaults to BreadthFirst.
  • peak_start_time (String) The time at which Peak scaling will begin. This is also the end-time for the Ramp-Up period. The time must be specified in "HH:MM" format. Defaults to 09:00.
  • ramp_down_capacity_threshold_percent (Number) This is the value in percentage of used host pool capacity that will be considered to evaluate whether to turn on/off virtual machines during the ramp-down and off-peak hours. For example, if capacity threshold is specified as 60% and your total host pool capacity is 100 sessions, autoscale will turn on additional session hosts once the host pool exceeds a load of 60 sessions. Defaults to 90.
  • ramp_down_force_logoff_users (Boolean) Whether users will be forced to log-off session hosts once the ramp_down_wait_time_minutes value has been exceeded during the Ramp-Down period. Defaults to true.
  • ramp_down_load_balancing_algorithm (String) The load Balancing Algorithm to use during the Ramp-Down period. Possible values are DepthFirst and BreadthFirst. Defaults to DepthFirst.
  • ramp_down_minimum_hosts_percent (Number) The minimum percentage of session host virtual machines that you would like to get to for ramp-down and off-peak hours. For example, if Minimum percentage of hosts is specified as 10% and total number of session hosts in your host pool is 10, autoscale will ensure a minimum of 1 session host is available to take user connections. Defaults to 10.
  • ramp_down_notification_message (String) The notification message to send to users during Ramp-Down period when they are required to log-off.
  • ramp_down_start_time (String) The time at which Ramp-Down scaling will begin. This is also the end-time for the Ramp-Up period. The time must be specified in "HH:MM" format. Defaults to 18:00.
  • ramp_down_stop_hosts_when (String) Controls Session Host shutdown behaviour during Ramp-Down period. Session Hosts can either be shutdown when all sessions on the Session Host have ended, or when there are no Active sessions left on the Session Host. Possible values are ZeroSessions and ZeroActiveSessions. Defaults to ZeroActiveSessions.
  • ramp_down_wait_time_minutes (Number) The number of minutes during Ramp-Down period that autoscale will wait after setting the session host VMs to drain mode, notifying any currently signed in users to save their work before forcing the users to logoff. Once all user sessions on the session host VM have been logged off, Autoscale will shut down the VM. Defaults to 30.
  • ramp_up_capacity_threshold_percent (Number) This is the value of percentage of used host pool capacity that will be considered to evaluate whether to turn on/off virtual machines during the ramp-up and peak hours. For example, if capacity threshold is specified as 60% and your total host pool capacity is 100 sessions, autoscale will turn on additional session hosts once the host pool exceeds a load of 60 sessions. Defaults to 60.
  • ramp_up_load_balancing_algorithm (String) The load Balancing Algorithm to use during the Ramp-Up period. Possible values are DepthFirst and BreadthFirst.
  • ramp_up_minimum_hosts_percent (Number) This is the value of percentage of used host pool capacity that will be considered to evaluate whether to turn on/off virtual machines during the ramp-up and peak hours. For example, if capacity threshold is specified as 60% and your total host pool capacity is 100 sessions, autoscale will turn on additional session hosts once the host pool exceeds a load of 60 sessions. Defaults to 20.
  • ramp_up_start_time (String) The time at which Ramp-Up scaling will begin. This is also the end-time for the Ramp-Up period. The time must be specified in "HH:MM" format. Defaults to 08:00.

Nested Schema for configuration.host_pools.scheduled_agent_updates

Optional:

  • enabled (Boolean) If true, enables AVD agents scheduled updates. Defaults to true.
  • schedules (Attributes List) Primary and alternate maintance windows for AVD agents schedules updates. Defaults to Saturday at 3am. (see below for nested schema)

Nested Schema for configuration.host_pools.scheduled_agent_updates.schedules

Optional:

  • day_of_week (String) Maintenance window day of the week. Possible values are Sunday, Monday, Tuesday, Wednesday, Thursday, Friday or Saturday. Defauts to Saturday.
  • hour_of_day (Number) Maintenance window hour of the day. Must be a number in 24h format. Defaults to 3.

Nested Schema for configuration.host_pools.vm

Optional:

  • os_disk (Attributes) Settings related to the VM OS disk. (see below for nested schema)
  • sku (String) Provide the Session Host VMs SKU to be used for the Host Pool. Possible values are the Azure official Standard_B, Standard_D, Standard_E SKUs.
  • spot (Attributes) Use Azure Spot pricing for the session host VMs. (see below for nested schema)

Nested Schema for configuration.host_pools.vm.os_disk

Optional:

  • redundancy (String) Redundancy level for the storage account. Possible values are lrs or zrs. Defaults to lrs.
  • size (Number) The size of the OS disk. Marketplace images require at least 127 and Azure supports a maximum of 65536 for OS disk. For more details see here. Defaults to 127.
  • type (String) The type of disk to use for VM OS. Possible values are premium or standard. Defaults to standard.

Nested Schema for configuration.host_pools.vm.spot

Optional:

  • enabled (Boolean) If true, enables Azure Spot princing for the session host VMs. Defaults to false. The SKU provided MUST be supported for Spot pricing, otherwise the creation of the VM will fail. Please double check Azure Region and Spot princing before selecting the SKU.
  • eviction_policy (String) Specifies what should happen when the Virtual Machine is evicted for price reasons when using a Spot instance. Possible values are Deallocate and Delete. Changing this forces a new resource to be created. Defaults to Deallocate.
  • max_bid_price (Number) The maximum price you're willing to pay for this Virtual Machine, in US Dollars; which must be greater than the current spot price. If this bid price falls below the current spot price the Virtual Machine will be evicted using the eviction_policy. Defaults to -1, which means that the Virtual Machine should not be evicted for price reasons.

Nested Schema for configuration.firewall_policy_rules

Required:

  • priority (Number) The priority of the Firewall Policy Rule Collection Group. The range is 100-65000. This MUST be unique across all AVD modules in this tenancy.

Optional:

  • application_rule_collections (Attributes List) Manages the application rule collection part of the firewall policy rule collection group. (see below for nested schema)
  • network_rule_collections (Attributes List) Manages the network rule collection part of the firewall policy rule collection group. (see below for nested schema)

Nested Schema for configuration.firewall_policy_rules.application_rule_collections

Required:

  • action (String) The action to take for the application rules in this collection. Possible values are Allow and Deny.
  • name (String) The name which should be used for this rule collection.
  • priority (Number) The priority of the application rule collection. The range is 100-65000. This MUST be unique across all AVD modules in this tenancy.
  • rules (Attributes List) One of more application rule objects. (see below for nested schema)

Nested Schema for configuration.firewall_policy_rules.application_rule_collections.rules

Required:

  • name (String) The name which should be used for this rule.

Optional:

  • description (String) The description which should be used for this rule.
  • destination_fqdn_tags (List of String) Specifies a list of destination FQDN tags.
  • destination_fqdns (List of String) Specifies a list of destination FQDNs.
  • http_headers (Attributes List) One or more protocol objects. (see below for nested schema)
  • protocols (Attributes List) One or more protocol objects. (see below for nested schema)
  • web_categories (List of String) Specifies a list of web categories to which access is allowed.

Nested Schema for configuration.firewall_policy_rules.application_rule_collections.rules.http_headers

Required:

  • name (String) Specifies the name of the header.
  • value (String) Specifies the value of the value.

Nested Schema for configuration.firewall_policy_rules.application_rule_collections.rules.protocols

Required:

  • port (Number) Port number of the protocol. Range is 0-64000.
  • type (String) Protocol type. Possible values are Http and Https.

Nested Schema for configuration.firewall_policy_rules.network_rule_collections

Required:

  • action (String) The action to take for the network rules in this collection. Possible values are Allow and Deny.
  • name (String) The name which should be used for this rule collection.
  • priority (Number) The priority of the network rule collection. The range is 100-65000. This MUST be unique across all AVD modules in this tenancy.
  • rules (Attributes List) One of more network rule objects. (see below for nested schema)

Nested Schema for configuration.firewall_policy_rules.network_rule_collections.rules

Required:

  • destination_ports (List of String) Specifies a list of destination ports.
  • name (String) The name which should be used for this rule.
  • protocols (List of String) Specifies a list of network protocols this rule applies to. Possible values are Any, TCP, UDP, ICMP.

Optional:

  • description (String) The description which should be used for this rule.
  • destination_addresses (List of String) Specifies a list of destination IP addresses (including CIDR, IP range and *) or Service Tags.
  • destination_fqdns (List of String) Specifies a list of destination FQDNs.
  • destination_ip_groups (List of String) Specifies a list of destination IP groups.

Nested Schema for configuration.fslogix

Optional:

  • backup_policy_ids (List of String) One or more backup policy resource ids to be used for the AVD User Profiles file share. This backup policies MUST exist and you can create it using the tenancy_account rsv attribute configuration.!!! note The maximum number of snapshots that Azure Files can retain is 200. If your combined snapshot count exceeds 200 based on your retention policies, it will result in an error. See this article for more information.
  • quota (Number) The size of the file share in GB. If the tier is Premium this is the allocation which will be paid for. If the tier is Standard this is just an upper limit and will only be charged per consumed storage. Defaults to 100.
  • redundancy (String) Redundancy level for the storage account. Possible values are lrs or zrs. Defaults to lrs.
  • tier (String) The storage account tier. Possible values are Standard or Premium. Defaults to Hot.

Warning

Changing this value causes the storage account to be re-created. CANNOT be changed after creation without destroying the storage account and its data.

Nested Schema for configuration.storage_account

Optional:

  • file_shares (Attributes List) A list of file share objects to create and associated with all host pools part of this module. (see below for nested schema)
  • log_analytics_workspace (Attributes) Storage account insights integration with Log Analytics Workspace. (see below for nested schema)
  • redundancy (String) Redundancy level for the storage account. Possible values are lrs or zrs. Defaults to lrs.
  • tier (String) The storage account tier. Possible values are Standard or Premium. Defaults to {Standard}.

Warning

Changing this value causes the storage account to be re-created. CANNOT be changed after creation without destroying the storage account and its data.

Nested Schema for configuration.storage_account.file_shares

Required:

  • admin_group_id (String) The id of the admin group. for Microsoft Entra Domain Services it MUST be a valid Active Directory security identifier (SID) and for Microsoft Entra ID it MUST be a valid object_id.
  • name (String) The name of the file share. Changing this forces a new resource to be created.
  • network_drive_mapping_letter (String) Creates a network drive mapping using the provided letter in the session hosts associated with all the host pools created by this module. MUST be capital letter from E to Z.

Optional:

  • access_tier (String) The access tier of the File Share where the storage account is configured with a standard performance tier. This is ignored if the storage account is configured with a premium performance tier. Possible values are Cool, Hot or TransactionOptimized. Default to Hot.
  • backup_policy_ids (List of String) One or more backup policy resource ids to be used for this file share. This backup policies MUST exist and you can create it using the tenancy_account rsv attribute configuration.!!! note The maximum number of snapshots that Azure Files can retain is 200. If your combined snapshot count exceeds 200 based on your retention policies, it will result in an error. See this article for more information.
  • directories (Attributes Set) List of directory objects to create in the file share. (see below for nested schema)
  • quota (Number) The size of the file share in GB. If the tier is premium this is the allocation which will be paid for. If the tier is standard this is just an upper limit and will only be charged per consumed storage. Defaults to 500.

Nested Schema for configuration.storage_account.file_shares.directories

Required:

  • name (String) The directory name. MUST start with a letter or underscore. Can contain alphanumeric, underscore, dash, dot or space up to lenght of 128 chars.

Optional:

  • permissions (Attributes Set) A list of Microsoft Entra Domain Services permissions. (see below for nested schema)

Nested Schema for configuration.storage_account.file_shares.directories.permissions

Required:

  • access (String) The access level to configure. Valid values are: FullControl | Modify | Read | Write.
  • id (String) The id of the identity which receives the permissions. for Microsoft Entra Domain Services it MUST be a valid Active Directory security identifier (SID) and for Microsoft Entra ID it MUST be a valid object_id.

Optional:

  • type (String) The type of permission. Valid values are: allow and deny. Defaults to allow.

Nested Schema for configuration.storage_account.log_analytics_workspace

Optional:

  • enabled (Boolean) Whether to enable storage account insights integration with Log Analytics Workspace. Defaults to false.

Import

Import is supported using the following syntax:

$ terraform import volocloud_tenancy_account_module_azure_vdi.example <resource ID>

Note

The format is: "account_id:tenancy_id:tenancy_account_id"