From 448c08a1a778531549cc7ea8e51c0139ea66acf8 Mon Sep 17 00:00:00 2001
From: Don Badrak <dbadrak@gmail.com>
Date: Fri, 19 Jun 2020 11:48:27 -0400
Subject: [PATCH] update, add some text to req

---
 README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index 241e44e..ff607ae 100644
--- a/README.md
+++ b/README.md
@@ -4,15 +4,15 @@ Module for creating Title 26 Compliant S3 Buckets
 
 # Requirements
 
-1. Encryption enforcement on the Bucket Policy 
 1. Only Cloud Administrators have bucket delete permissions
 1. Permissions tightly controlled with Bucket Policy and IAM role/policy for users, instances, and other services
-1. Dedicated KMS CMK key 
+1. Encryption enforcement on the Bucket Policy 
+1. Dedicated KMS Customer Master Key (CMK) created per S3 bucket
 1. MFA enforced API calls – required for all data migrations (Cloud and Data Admins)
 1. Object Level Logging enabled with 7 year retention on CloudWatch Log Group
-1. Backup logs to BCC (How often?)
+  * Backup logs to BCC (How often?)
 1. Server Access Logging enabled with 7 year retention on CloudWatch Log Group
-1. Backup logs to BCC (How often?)
+   * Backup logs to BCC (How often?)
 1. Versioning enabled
 1. Monthly Security Audit reviews
    * By customer?
@@ -20,4 +20,4 @@ Module for creating Title 26 Compliant S3 Buckets
 1. IP Address Restriction policy enforced
 1. Not publically accessible
 1. Customer signature for key deletion(s) during decommissioning(s) and maximum wait period
-1. Delete CMK key for Data Sanitization.
+1. Delete CMK for Data Sanitization