reformat

README.md

@@ -1,21 +1,23 @@
 # aws-t26-s3
-Module for creating Title26 Compliant S3 Buckets
+
+Module for creating Title 26 Compliant S3 Buckets
 
 # Requirements
-1.       Encryption enforcement on the Bucket Policy 
-2.       Only Cloud Administrators have bucket delete permissions
-3.       Permissions tightly controlled with Bucket Policy and IAM role/policy for users, instances, and other services
-4.       Dedicated KMS CMK key 
-5.       MFA enforced API calls – required for all data migrations (Cloud and Data Admins)
-6.       Object Level Logging enabled with 7 year retention on CloudWatch Log Group
-a.       Backup logs to BCC (How often?)
-7.       Server Access Logging enabled with 7 year retention on CloudWatch Log Group
-a.       Backup logs to BCC (How often?)
-8.       Versioning enabled
-9.       Monthly Security Audit reviews
-a.       By customer?
-b.       By CSvD Security?
-10.   IP Address Restriction policy enforced
-11.   Not publically accessible
-12.   Customer signature for key deletion(s) during decommissioning(s) and maximum wait period
-13.   Delete CMK key for Data Sanitization. 
+
+1. Encryption enforcement on the Bucket Policy 
+1. Only Cloud Administrators have bucket delete permissions
+1. Permissions tightly controlled with Bucket Policy and IAM role/policy for users, instances, and other services
+1. Dedicated KMS CMK key 
+1. MFA enforced API calls – required for all data migrations (Cloud and Data Admins)
+1. Object Level Logging enabled with 7 year retention on CloudWatch Log Group
+1. Backup logs to BCC (How often?)
+1. Server Access Logging enabled with 7 year retention on CloudWatch Log Group
+1. Backup logs to BCC (How often?)
+1. Versioning enabled
+1. Monthly Security Audit reviews
+   * By customer?
+   * By CSvD Security?
+1. IP Address Restriction policy enforced
+1. Not publically accessible
+1. Customer signature for key deletion(s) during decommissioning(s) and maximum wait period
+1. Delete CMK key for Data Sanitization.