You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A discussion dedicated to the Amazon DCV Windows module. Share your thoughts, questions, and feedback here.
Module Scorecard
Presentation & Onboarding
Credential Hygiene
Restricted-Environment Readiness
Engineering Quality
IDE Integration
Overall
25 / 25
10 / 20
0 / 20
5 / 10
0 / 25
40 / 100
Drilldown
Presentation & Onboarding — 25 / 25
Criterion
Max
Score
Notes
Configuration-mode examples
12
12
README provides a complete example with sensible defaults for DCV on Windows, including agent setup, metadata display, and port forwarding instructions.
Coder-context framing
8
8
README clearly explains Amazon DCV as a remote display protocol, names both Coder and DCV, and shows how DCV integrates into Coder workspaces with port forwarding and web access.
Visual preview
5
5
README includes an embedded image: 
Credential Hygiene — 10 / 20
Criterion
Max
Score
Notes
Secrets marked sensitive
16
8
The admin_password variable is marked sensitive = true in main.tf, and the password output is also marked sensitive. However, the README example shows the password being passed inline in the coder_app URL (password=${var.admin_password}), and the metadata item example exposes it. This inline usage in examples caps the score at half.
Non-hardcoded auth path
4
2
The module uses a basic password authentication mechanism with a default password. While the password can be overridden, there is no documentation of more secure auth paths like SSO, IAM, or external auth providers. Partial credit for allowing password override.
Restricted-Environment Readiness — 0 / 20
Criterion
Max
Score
Notes
Mirrorable artifact source
10
0
No module input variable exists to override the DCV download URL. The install-dcv.ps1 script (not provided but referenced) would need to download DCV from Amazon's servers, but there is no documented or implemented way to point it to an internal mirror.
Bring-your-own binary
5
0
No documented way to skip the DCV installation when it is already baked into the image. The coder_script resource always runs the install script.
Egress transparency
3
0
No dedicated README section enumerating external endpoints contacted during install or runtime. The license section mentions AWS documentation but does not list actual endpoints.
Runs without sudo
2
0
Cannot verify without seeing install-dcv.ps1, but Windows DCV server installation typically requires administrator privileges. No documentation of a non-admin path.
Engineering Quality — 5 / 10
Criterion
Max
Score
Notes
Input quality
6
5
Variables have descriptions and sensible defaults (port=8443, subdomain=true). The admin_password has a default but could benefit from validation. The order and group variables are well-described. Missing validation on port ranges or password complexity.
Test coverage
4
0
No .tftest.hcl files or TypeScript tests visible in the provided module files. No testing story documented.
IDE Integration — 0 / 25
Criterion
Max
Score
Notes
Dashboard entry point
7
0
While a coder_app resource exists, this is a remote desktop solution (DCV), not an IDE. The module does not provide IDE functionality; it provides desktop streaming. This module should be scored as Utility, not IDE.
Managed configuration
6
0
N/A - not an IDE module.
Configurable folder or workdir
6
0
N/A - not an IDE module.
Pre-installed extensions
6
0
N/A - not an IDE module and not a web IDE.
Overall — 40 / 100
Track assignment error: This is a Utility module (remote desktop streaming), not an IDE. Rescoring as Utility:
Utility rescoring:
Universal criteria: 25 + 10 + 0 + 5 = 40 / 75
Normalized: round(40 / 75 × 100) = 53 / 100
Corrected Score (Utility track):
Presentation & Onboarding
Credential Hygiene
Restricted-Environment Readiness
Engineering Quality
Overall
25 / 25
10 / 20
0 / 20
5 / 10
53 / 100
Drilldown
Presentation & Onboarding — 25 / 25
Criterion
Max
Score
Notes
Configuration-mode examples
12
12
README provides a complete example with sensible defaults for DCV on Windows, including agent setup, metadata display, and port forwarding instructions.
Coder-context framing
8
8
README clearly explains Amazon DCV as a remote display protocol, names both Coder and DCV, and shows how DCV integrates into Coder workspaces with port forwarding and web access.
Visual preview
5
5
README includes an embedded image: 
Credential Hygiene — 10 / 20
Criterion
Max
Score
Notes
Secrets marked sensitive
16
8
The admin_password variable is marked sensitive = true in main.tf, and the password output is also marked sensitive. However, the README example shows the password being passed inline in the coder_app URL (password=${var.admin_password}), and the metadata item example exposes it. This inline usage in examples caps the score at half.
Non-hardcoded auth path
4
2
The module uses a basic password authentication mechanism with a default password. While the password can be overridden, there is no documentation of more secure auth paths like SSO, IAM, or external auth providers. Partial credit for allowing password override.
Restricted-Environment Readiness — 0 / 20
Criterion
Max
Score
Notes
Mirrorable artifact source
10
0
No module input variable exists to override the DCV download URL. The install-dcv.ps1 script (not provided but referenced) would need to download DCV from Amazon's servers, but there is no documented or implemented way to point it to an internal mirror.
Bring-your-own binary
5
0
No documented way to skip the DCV installation when it is already baked into the image. The coder_script resource always runs the install script.
Egress transparency
3
0
No dedicated README section enumerating external endpoints contacted during install or runtime. The license section mentions AWS documentation but does not list actual endpoints.
Runs without sudo
2
0
Cannot verify without seeing install-dcv.ps1, but Windows DCV server installation typically requires administrator privileges. No documentation of a non-admin path.
Engineering Quality — 5 / 10
Criterion
Max
Score
Notes
Input quality
6
5
Variables have descriptions and sensible defaults (port=8443, subdomain=true). The admin_password has a default but could benefit from validation. The order and group variables are well-described. Missing validation on port ranges or password complexity.
Test coverage
4
0
No .tftest.hcl files or TypeScript tests visible in the provided module files. No testing story documented.
Overall — 40 / 100
Scored against SCORECARD.md on 2026-07-15 with claude-sonnet-4-5.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
A discussion dedicated to the Amazon DCV Windows module. Share your thoughts, questions, and feedback here.
Module Scorecard
Drilldown
Presentation & Onboarding — 25 / 25
Credential Hygiene — 10 / 20
admin_passwordvariable is markedsensitive = truein main.tf, and the password output is also marked sensitive. However, the README example shows the password being passed inline in the coder_app URL (password=${var.admin_password}), and the metadata item example exposes it. This inline usage in examples caps the score at half.Restricted-Environment Readiness — 0 / 20
Engineering Quality — 5 / 10
admin_passwordhas a default but could benefit from validation. Theorderandgroupvariables are well-described. Missing validation on port ranges or password complexity.IDE Integration — 0 / 25
coder_appresource exists, this is a remote desktop solution (DCV), not an IDE. The module does not provide IDE functionality; it provides desktop streaming. This module should be scored as Utility, not IDE.Overall — 40 / 100
Track assignment error: This is a Utility module (remote desktop streaming), not an IDE. Rescoring as Utility:
Utility rescoring:
Corrected Score (Utility track):
Drilldown
Presentation & Onboarding — 25 / 25
Credential Hygiene — 10 / 20
admin_passwordvariable is markedsensitive = truein main.tf, and the password output is also marked sensitive. However, the README example shows the password being passed inline in the coder_app URL (password=${var.admin_password}), and the metadata item example exposes it. This inline usage in examples caps the score at half.Restricted-Environment Readiness — 0 / 20
Engineering Quality — 5 / 10
admin_passwordhas a default but could benefit from validation. Theorderandgroupvariables are well-described. Missing validation on port ranges or password complexity.Overall — 40 / 100
Scored against SCORECARD.md on 2026-07-15 with
claude-sonnet-4-5.Beta Was this translation helpful? Give feedback.
All reactions