coder
diff --git a/‎demo-script.md
Lines changed: 71 additions & 0 deletions b/‎demo-script.md
Lines changed: 71 additions & 0 deletions
diff --git a/‎registry/coder/modules/aws-ami-snapshot/README.md
Lines changed: 184 additions & 0 deletions b/‎registry/coder/modules/aws-ami-snapshot/README.md
Lines changed: 184 additions & 0 deletions
diff --git a/‎registry/coder/modules/aws-ami-snapshot/main.test.ts
Lines changed: 31 additions & 0 deletions b/‎registry/coder/modules/aws-ami-snapshot/main.test.ts
Lines changed: 31 additions & 0 deletions
@@ -0,0 +1,71 @@
+# AWS AMI Snapshot Demo Script
+
+## Video Demonstration Outline
+
+### 1. Introduction (30 seconds)
+- Show the problem: "Coder workspaces lose state when stopped"
+- Introduce solution: "AMI snapshots for persistent workspace state"
+
+### 2. Code Structure Overview (1 minute)
+- Navigate to `registry/coder/modules/aws-ami-snapshot/`
+- Show the single `main.tf` file structure
+- Highlight key components:
+  - User parameters (enable_snapshots, snapshot_label, use_previous_snapshot)
+  - AMI snapshot creation logic
+  - Dynamic AMI selection
+
+### 3. Template Integration (1 minute)
+- Show updated AWS templates:
+  - `registry/coder/templates/aws-linux/main.tf`
+  - `registry/coder/templates/aws-windows/main.tf`
+  - `registry/coder/templates/aws-devcontainer/main.tf`
+- Point out the module integration and AMI ID usage
+
+### 4. Live Validation (2 minutes)
+- Run `terraform validate` to show it works
+- Run `terraform plan` to show AWS integration
+- Show the user parameters that would appear in Coder UI
+
+### 5. Feature Walkthrough (2 minutes)
+- Demonstrate user workflow:
+  1. User creates workspace (uses default AMI)
+  2. User works and customizes environment
+  3. User stops workspace (snapshot created automatically)
+  4. User starts workspace again (can choose to restore from snapshot)
+  5. User sees their previous state restored
+
+### 6. Advanced Features (1 minute)
+- Show optional cleanup configuration
+- Explain IAM permissions needed
+- Show tagging and organization features
+
+## Demo Commands to Run
+
+```bash
+# Navigate to the module
+cd registry/coder/modules/aws-ami-snapshot/
+
+# Show the structure
+ls -la
+
+# Show the main configuration
+head -50 main.tf
+
+# Show template integration
+grep -A 10 -B 2 "ami_snapshot" ../../../templates/aws-*/main.tf
+
+# Validate the configuration
+terraform init
+terraform validate
+
+# Show it works with AWS
+terraform plan
+```
+
+## Key Points to Emphasize
+
+1. **Seamless Integration**: Module works with existing templates
+2. **User Control**: Users can enable/disable and label snapshots
+3. **Smart Selection**: Automatically chooses between default AMI and snapshots
+4. **Cost Management**: Optional cleanup policies prevent runaway costs
+5. **Production Ready**: Proper error handling and AWS best practices
@@ -0,0 +1,184 @@
+---
+display_name: AWS AMI Snapshot
+description: Create and manage AMI snapshots for Coder workspaces with restore capabilities
+icon: ../../../../.icons/aws.svg
+maintainer_github: coder
+verified: true
+tags: [aws, snapshot, ami, backup, persistence]
+---
+
+# AWS AMI Snapshot Module
+
+This module provides AMI-based snapshot functionality for Coder workspaces running on AWS EC2 instances. It enables users to create snapshots when workspaces are stopped and restore from previous snapshots when starting workspaces.
+
+## Features
+
+- **Automatic Snapshots**: Create AMI snapshots when workspaces are stopped
+- **User Control**: Enable/disable snapshot functionality per workspace
+- **Custom Labels**: Add custom labels to snapshots for easy identification
+- **Snapshot Selection**: Choose from available snapshots when starting workspaces
+- **Automatic Cleanup**: Optional Data Lifecycle Manager integration for automated cleanup
+- **Workspace Isolation**: Snapshots are tagged and filtered by workspace and owner
+
+## Parameters
+
+The module exposes the following parameters to workspace users:
+
+- `enable_snapshots`: Enable/disable AMI snapshot creation (default: true)
+- `snapshot_label`: Custom label for the snapshot (optional)
+- `use_previous_snapshot`: Select a previous snapshot to restore from (default: none)
+
+## Usage
+
+### Basic Usage
+
+```hcl
+module "ami_snapshot" {
+  source = "registry.coder.com/modules/aws-ami-snapshot"
+  
+  instance_id     = aws_instance.workspace.id
+  default_ami_id  = data.aws_ami.ubuntu.id
+  template_name   = "aws-linux"
+}
+
+resource "aws_instance" "workspace" {
+  ami           = module.ami_snapshot.ami_id
+  instance_type = "t3.micro"
+  
+  # Prevent Terraform from recreating instance when AMI changes
+  lifecycle {
+    ignore_changes = [ami]
+  }
+}
+```
+
+### With Optional Cleanup
+
+```hcl
+module "ami_snapshot" {
+  source = "registry.coder.com/modules/aws-ami-snapshot"
+  
+  instance_id               = aws_instance.workspace.id
+  default_ami_id           = data.aws_ami.ubuntu.id
+  template_name            = "aws-linux"
+  enable_dlm_cleanup       = true
+  dlm_role_arn            = aws_iam_role.dlm_lifecycle_role.arn
+  snapshot_retention_count = 5
+  
+  tags = {
+    Environment = "development"
+    Project     = "my-project"
+  }
+}
+```
+
+### IAM Role for DLM (Optional)
+
+If using automatic cleanup, create an IAM role for Data Lifecycle Manager:
+
+```hcl
+resource "aws_iam_role" "dlm_lifecycle_role" {
+  name = "dlm-lifecycle-role"
+
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Action = "sts:AssumeRole"
+        Effect = "Allow"
+        Principal = {
+          Service = "dlm.amazonaws.com"
+        }
+      }
+    ]
+  })
+}
+
+resource "aws_iam_role_policy_attachment" "dlm_lifecycle" {
+  role       = aws_iam_role.dlm_lifecycle_role.name
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSDataLifecycleManagerServiceRole"
+}
+```
+
+## Required IAM Permissions
+
+Users need the following IAM permissions for full functionality:
+
+```json
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "ec2:CreateImage",
+        "ec2:DescribeImages",
+        "ec2:DescribeInstances",
+        "ec2:CreateTags",
+        "ec2:DescribeTags"
+      ],
+      "Resource": "*"
+    },
+    {
+      "Effect": "Allow",
+      "Action": [
+        "dlm:CreateLifecyclePolicy",
+        "dlm:GetLifecyclePolicy",
+        "dlm:UpdateLifecyclePolicy",
+        "dlm:DeleteLifecyclePolicy"
+      ],
+      "Resource": "*",
+      "Condition": {
+        "StringEquals": {
+          "dlm:Target": "INSTANCE"
+        }
+      }
+    }
+  ]
+}
+```
+
+## How It Works
+
+1. **Snapshot Creation**: When a workspace transitions to "stop", an AMI snapshot is automatically created (if enabled)
+2. **Tagging**: Snapshots are tagged with workspace name, owner, template, and custom labels
+3. **Snapshot Retrieval**: Available snapshots are retrieved and presented as options for workspace start
+4. **AMI Selection**: The module outputs the appropriate AMI ID (default or selected snapshot)
+5. **Cleanup**: Optional DLM policies can automatically clean up old snapshots
+
+## Variables
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|----------|
+| instance_id | The EC2 instance ID to create snapshots from | string | n/a | yes |
+| default_ami_id | The default AMI ID to use when not restoring from a snapshot | string | n/a | yes |
+| template_name | The name of the Coder template using this module | string | n/a | yes |
+| tags | Additional tags to apply to snapshots | map(string) | {} | no |
+| enable_dlm_cleanup | Enable Data Lifecycle Manager for automated snapshot cleanup | bool | false | no |
+| dlm_role_arn | ARN of the IAM role for DLM | string | "" | no |
+| snapshot_retention_count | Number of snapshots to retain when using DLM cleanup | number | 7 | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| ami_id | The AMI ID to use for the workspace instance |
+| is_using_snapshot | Whether the workspace is using a snapshot AMI |
+| snapshot_ami_id | The AMI ID of the created snapshot (if any) |
+| available_snapshots | List of available snapshot AMI IDs for this workspace |
+| snapshot_info | Detailed information about available snapshots |
+
+## Considerations
+
+- **Cost**: AMI snapshots incur storage costs. Use cleanup policies to manage costs
+- **Time**: AMI creation takes time; workspace stop operations may take longer
+- **Permissions**: Ensure proper IAM permissions for AMI creation and management
+- **Region**: Snapshots are region-specific and cannot be used across regions
+- **Lifecycle**: Use `ignore_changes = [ami]` on EC2 instances to prevent conflicts
+
+## Examples
+
+See the updated AWS templates that use this module:
+- `coder/templates/aws-linux`
+- `coder/templates/aws-windows`
+- `coder/templates/aws-devcontainer`
@@ -0,0 +1,31 @@
+import { describe, expect, it } from "bun:test";
+import {
+	runTerraformApply,
+	runTerraformInit,
+	testRequiredVariables,
+} from "~test";
+
+describe("aws-ami-snapshot", async () => {
+	await runTerraformInit(import.meta.dir);
+
+	testRequiredVariables(import.meta.dir, {
+		instance_id: "i-1234567890abcdef0",
+		default_ami_id: "ami-12345678",
+		template_name: "test-template",
+	});
+
+	it("supports optional variables", async () => {
+		await testRequiredVariables(import.meta.dir, {
+			instance_id: "i-1234567890abcdef0",
+			default_ami_id: "ami-12345678",
+			template_name: "test-template",
+			enable_dlm_cleanup: true,
+			dlm_role_arn: "arn:aws:iam::123456789012:role/dlm-lifecycle-role",
+			snapshot_retention_count: 5,
+			tags: {
+				Environment: "test",
+				Project: "coder",
+			},
+		});
+	});
+});