[Bug]: WorkSpace deployment failure for Graphics.g4dn or GraphicsPro.g4dn instance types

[checkerbomb]

Terraform Core Version

1.9.6

AWS Provider Version

5.68.0

Affected Resource(s)

aws_workspaces_workspace

Expected Behavior

Successful deployment of an AWS WorkSpace instance using the Graphics.g4dn or GraphicsPro.g4dn instance type. The minimum volume size for these instance types is 100 GB, but Terraform only allows 80 or 175 - 2000.

Actual Behavior

Terraform fails to apply and throws an error if root_volume_size_gib = 100 is included in config. If this line is excluded to allow Terraform to use its default value, then AWS throws an error.

Relevant Error/Panic Output Snippet

Errors from Terraform when including root_volume_size_gib = 100 in config:

- Error: expected workspace_properties.0.root_volume_size_gib to be one of [80], got 100

- Error: expected workspace_properties.0.root_volume_size_gib to be in the range (175 - 2000), got 100


Error from AWS when not including root_volume_size_gib in config:

- Error: creating WorkSpaces Workspace: operation error WorkSpaces: CreateWorkspaces, https response error StatusCode: 400, RequestID: xxx_REMOVED_xxx, InvalidParameterValuesException: Graphics: Invalid root and user volume size selected. Root and user volume size (GB) must be (100+|100+).

Terraform Configuration Files

resource "aws_workspaces_workspace" "wstest-graphics_g4dn" {
  bundle_id                      = data.aws_workspaces_bundle.graphics.id
  directory_id                   = aws_directory_service_directory.msad_workspaces.id
  user_name                      = "wstest"
  root_volume_encryption_enabled = true
  user_volume_encryption_enabled = true
  volume_encryption_key          = data.aws_kms_key.workspaces.arn

  workspace_properties {
    compute_type_name                         = "GRAPHICS_G4DN"
    running_mode                              = "AUTO_STOP"
    running_mode_auto_stop_timeout_in_minutes = 60
    user_volume_size_gib                      = 100
    root_volume_size_gib                      = 100
  }

#   lifecycle {
#     ignore_changes = [
#       workspace_properties.0.root_volume_size_gib
#     ]
#   }

}

data "aws_workspaces_bundle" "graphics" {
  bundle_id = "wsb-xyv83v8b5" # Graphics.g4dn with Windows 10 (Server 2022 based)
}

data "aws_kms_key" "workspaces" {
  key_id = "alias/aws/workspaces"
}

resource "aws_directory_service_directory" "msad_workspaces" {
  name                                 = "testad.workspaces.corp.local"
  password                             = var.msad_directory_workspaces_admin_password
  alias                                = "testad"
  short_name                           = "testad-workspaces"
  description                          = null
  desired_number_of_domain_controllers = 2
  type                                 = "MicrosoftAD"
  edition                              = "Standard"
  size                                 = "Small"
  enable_sso                           = false

  vpc_settings {
    subnet_ids = [
      aws_subnet.subnet-1_workspaces.id,
      aws_subnet.subnet-2_workspaces.id
    ]
    vpc_id = aws_vpc.vpc_workspaces.id
  }

  lifecycle {
    ignore_changes = [
      password
    ]
  }
}

Steps to Reproduce

Attempt deployment of a WorkSpace that uses the Graphics.g4dn or GraphicsPro.g4dn instance type with root_volume_size_gib = 100 set in aws_workspaces_workspace config. Terraform will error out indicating it is looking for a value of 80 or within the range of 175 - 2000.

If this line is commented out and apply is attempted using the default supplied by Terraform (80 in this case), AWS will throw an error indicating that 100 is the minimum acceptable value for this instance type.

Debug Output

No response

Panic Output

No response

Important Factoids

I'm not sure that Microsoft AD is required for this configuration; Simple AD or another directory type may be acceptable, but GovCloud, where I'm testing this deployment, does not offer any managed options other than Microsoft AD. The user I'm testing with in this case is called wstest.

To work around this bug and manage an imported WorkSpace that was manually created in the AWS console, workspace_properties.0.root_volume_size_gib must be configured within the WorkSpace resource's lifecycle.ignore_changes section.

References

https://aws.amazon.com/about-aws/whats-new/2022/04/amazon-workspaces-graphics-g4dn-bundles/

Would you like to implement a fix?

None

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.