Updates readmes with terraform docs
lorengordon committed Dec 27, 2024
1 parent 386a2bc commit 13d4743
Showing 2 changed files with 28 additions and 31 deletions.
33 changes: 17 additions & 16 deletions README.md
Expand Up @@ -8,43 +8,44 @@ You can find example implementations of this module in the tests folder. This mo
requires 2 different AWS accounts to test and so the terraform aws provider definitions
are assuming that you will be using a profile with the name `aws` and `awsalternate`.

Note: the implementation `tests/create_securityhub_member` will require you to provide the variables
`email_address` prior to use
Note: the implementation `tests/test-cross-account` will require you to provide the variable
`email_address`.

<!-- BEGIN TFDOCS -->
## Requirements

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.64.0 |
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.70.0 |

## Providers

No providers.
| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.70.0 |

## Resources

No resources.
| Name | Type |
|------|------|
| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_action_targets"></a> [action\_targets](#input\_action\_targets) | Schema list of SecurityHub action targets. | <pre>list(object({<br> name = string<br> description = string<br> identifer = string<br> }))</pre> | `[]` | no |
| <a name="input_auto_enable_controls"></a> [auto\_enable\_controls](#input\_auto\_enable\_controls) | Boolean that enables the security standards that Security Hub has designated as automatically enabled including: `AWS Foundational Security Best Practices v1.0.0` and `CIS AWS Foundations Benchmark v1.2.0` | `bool` | `true` | no |
| <a name="input_control_finding_generator"></a> [control\_finding\_generator](#input\_control\_finding\_generator) | Manages whether the account reports consolidated control findings, or generates separate findings for every enabled standard. | `string` | `null` | no |
| <a name="input_enable_default_standards"></a> [enable\_default\_standards](#input\_enable\_default\_standards) | Boolean that automatically enables new controls when they are added to standards that are enabled | `bool` | `true` | no |
| <a name="input_product_subscription_arns"></a> [product\_subscription\_arns](#input\_product\_subscription\_arns) | List of product arns to subscribe to. See https://www.terraform.io/docs/providers/aws/r/securityhub_product_subscription.html | `list(string)` | `[]` | no |
| <a name="input_standard_subscription_arns"></a> [standard\_subscription\_arns](#input\_standard\_subscription\_arns) | List of standard arns to subscribe to. See https://www.terraform.io/docs/providers/aws/r/securityhub_standards_subscription.html | `list(string)` | `[]` | no |
| <a name="input_standards_controls"></a> [standards\_controls](#input\_standards\_controls) | List of Security Hub standards to enable or disable in current region. | <pre>list(object({<br> name = string<br> standards_control_arn = string<br> control_status = string<br> disabled_reason = string<br> }))</pre> | `[]` | no |
| <a name="input_security_hub"></a> [security\_hub](#input\_security\_hub) | Object of inputs for Security Hub configuration | <pre>object({<br> auto_enable_controls = optional(bool, true)<br> control_finding_generator = optional(string)<br> enable_default_standards = optional(bool, true)<br><br> product_subscription_arns = optional(list(string), [])<br> standard_subscription_arns = optional(list(string), [])<br><br> action_targets = optional(list(object({<br> name = string<br> description = string<br> identifier = string<br> })), [])<br><br> standards_control_associations = optional(list(object({<br> name = string<br> association_status = string<br> security_control_id = string<br> standards_arn = string<br> updated_reason = optional(string)<br> })), [])<br> })</pre> | `{}` | no |

## Outputs

| Name | Description |
|------|-------------|
| <a name="output_account"></a> [account](#output\_account) | Object containing the SecurityHub account resource |
| <a name="output_action_targets"></a> [action\_targets](#output\_action\_targets) | Object containing the SecurityHub action targets resources |
| <a name="output_subscriptions"></a> [subscriptions](#output\_subscriptions) | Object containing the SecurityHub subscriptions resources |
| <a name="output_account"></a> [account](#output\_account) | Object of the Security Hub account resource |
| <a name="output_action_targets"></a> [action\_targets](#output\_action\_targets) | Map of Security Hub action targets |
| <a name="output_product_subscriptions"></a> [product\_subscriptions](#output\_product\_subscriptions) | Map of Security Hub Product Subscriptions |
| <a name="output_standards_control_associations"></a> [standards\_control\_associations](#output\_standards\_control\_associations) | Map of Security Hub Standards Control Associations |
| <a name="output_standards_subscriptions"></a> [standards\_subscriptions](#output\_standards\_subscriptions) | Map of Security Hub Standards Subscriptions |

<!-- END TFDOCS -->
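
Review bot: The new `security_hub` row in the Inputs table is documented only as "Object of inputs for Security Hub configuration", so the per-field explanations the old rows carried (what `auto_enable_controls`, `enable_default_standards` and `control_finding_generator` do, and the links given for the subscription ARN lists) no longer appear anywhere in this README. Because the section sits between the TFDOCS markers, the fix belongs in the variable's `description`: describe each attribute there so the rendered table keeps it. The same tables also show interface changes that the commit title "Updates readmes with terraform docs" does not convey: `standards_controls` gives way to `standards_control_associations` with different fields, and the `subscriptions` output is replaced by `product_subscriptions` and `standards_subscriptions`. A short upgrade note for callers would help.
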
26 changes: 11 additions & 15 deletions modules/cross-account-member/README.md
Expand Up @@ -5,38 +5,34 @@

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.64.0 |
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.70.0 |

## Providers

No providers.
| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.70.0 |
| <a name="provider_aws.administrator"></a> [aws.administrator](#provider\_aws.administrator) | >= 5.70.0 |
| <a name="provider_terraform"></a> [terraform](#provider\_terraform) | n/a |

## Resources

No resources.
| Name | Type |
|------|------|

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_member_email"></a> [member\_email](#input\_member\_email) | Email address associated with the member account. Required for the cross-account SecurityHub member invite workflow | `string` | n/a | yes |
| <a name="input_action_targets"></a> [action\_targets](#input\_action\_targets) | Schema list of SecurityHub action targets. | <pre>list(object({<br> name = string<br> description = string<br> identifer = string<br> }))</pre> | `[]` | no |
| <a name="input_auto_enable_controls"></a> [auto\_enable\_controls](#input\_auto\_enable\_controls) | Boolean that enables the security standards that Security Hub has designated as automatically enabled including: `AWS Foundational Security Best Practices v1.0.0` and `CIS AWS Foundations Benchmark v1.2.0` | `bool` | `true` | no |
| <a name="input_control_finding_generator"></a> [control\_finding\_generator](#input\_control\_finding\_generator) | Manages whether the account reports consolidated control findings, or generates separate findings for every enabled standard. | `string` | `"SECURITY_CONTROL"` | no |
| <a name="input_enable_default_standards"></a> [enable\_default\_standards](#input\_enable\_default\_standards) | Boolean that automatically enables new controls when they are added to standards that are enabled | `bool` | `true` | no |
| <a name="input_product_subscription_arns"></a> [product\_subscription\_arns](#input\_product\_subscription\_arns) | List of product arns to subscribe to. See https://www.terraform.io/docs/providers/aws/r/securityhub_product_subscription.html | `list(string)` | `[]` | no |
| <a name="input_standard_subscription_arns"></a> [standard\_subscription\_arns](#input\_standard\_subscription\_arns) | List of standard arns to subscribe to. See https://www.terraform.io/docs/providers/aws/r/securityhub_standards_subscription.html | `list(string)` | `[]` | no |
| <a name="input_standards_controls"></a> [standards\_controls](#input\_standards\_controls) | List of Security Hub standards to enable or disable in current region. | <pre>list(object({<br> name = string<br> standards_control_arn = string<br> control_status = string<br> disabled_reason = string<br> }))</pre> | `[]` | no |
| <a name="input_security_hub"></a> [security\_hub](#input\_security\_hub) | Object of inputs for Security Hub configuration | <pre>object({<br> member_email = string<br> master_id = optional(string)<br><br> auto_enable_controls = optional(bool, true)<br> control_finding_generator = optional(string)<br> enable_default_standards = optional(bool, true)<br><br> product_subscription_arns = optional(list(string), [])<br> standard_subscription_arns = optional(list(string), [])<br><br> action_targets = optional(list(object({<br> name = string<br> description = string<br> identifier = string<br> })), [])<br><br> standards_control_associations = optional(list(object({<br> name = string<br> association_status = string<br> security_control_id = string<br> standards_arn = string<br> updated_reason = optional(string)<br> })), [])<br> })</pre> | n/a | yes |

## Outputs

| Name | Description |
|------|-------------|
| <a name="output_accepter"></a> [accepter](#output\_accepter) | Object containing the SecurityHub accepter resource |
| <a name="output_account"></a> [account](#output\_account) | Object containing the SecurityHub account resource |
| <a name="output_action_targets"></a> [action\_targets](#output\_action\_targets) | Object containing the SecurityHub action targets resources |
| <a name="output_account"></a> [account](#output\_account) | Object containing the SecurityHub resources |
| <a name="output_member"></a> [member](#output\_member) | Object containing the SecurityHub member resource |
| <a name="output_subscriptions"></a> [subscriptions](#output\_subscriptions) | Object containing the SecurityHub subscriptions resources |

<!-- END TFDOCS -->
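
Review bot: The Resources section now renders as a table header with no rows, which reads as a generation glitch, and the earlier "No resources." was clearer. Check the terraform-docs output for this module and regenerate so the section either lists entries or states that there are none. The Providers table also introduces `aws.administrator`, which callers presumably have to pass in, yet the README has no usage example showing how. In the Outputs table, `accepter` and `action_targets` are no longer listed and `account` is now described as "Object containing the SecurityHub resources"; anything referencing the dropped outputs will break, so call that out for callers. The required `member_email` has also lost its own description now that it is nested inside `security_hub`.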

0 comments on commit 13d4743
