fix docs

terraform-modules · Jul 11, 2022 · af5f2c7 · af5f2c7
1 parent 7c513b0
commit af5f2c7
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 40 deletions.
diff --git a/title26/README.md b/title26/README.md
@@ -18,32 +18,29 @@ do not include a `versions.tf`, do not pin the AWS provider.  Two different vers
 coexist (easily).
 
 ````hcl
-module "my-bucket" {
-
-```hcl
 module "mybucket" {
   source = "git@github.e.it.census.gov:terraform-modules/aws-s3.git//title26?ref=3"
 
-  bucket\_name = "myt26bucket"
-  access\_log\_bucket = "mylogbucket"
-  # enable\_title26 = true
-  kms\_admin\_roles   = [ aws\_iam\_role.cloud-admin.arn ]
+  bucket_name = "myt26bucket"
+  access_log_bucket = "mylogbucket"
+  # enable_title26 = true
+  kms_admin_roles   = [ aws_iam_role.cloud-admin.arn ]
 
   ## optional
-  # kms\_policy\_document = data.aws\_iam\_policy\_document.mypolicy.json
-  # bucket\_policy\_document = data.aws\_iam\_policy\_document.mybucketpolicy.json
-  # bucket\_policy\_document\_template = data.aws\_iam\_policy\_document.my-bucketpolicy-template.json
-  # name\_include\_account   = true
-  # name\_include\_region    = true
-  # name\_include\_region\_compact = true
-  # name\_enforce\_region\_compact = false
+  # kms_policy_document = data.aws_iam_policy_document.mypolicy.json
+  # bucket_policy_document = data.aws_iam_policy_document.mybucketpolicy.json
+  # bucket_policy_document_template = data.aws_iam_policy_document.my-bucketpolicy-template.json
+  # name_include_account   = true
+  # name_include_region    = true
+  # name_include_region_compact = true
+  # name_enforce_region_compact = false
 }
 ```
 
 Sample policy for write access to the bucket and use of KMS key
 
 ```hcl
-data "aws\_iam\_policy\_document" "policy" {
+data "aws_iam_policy_document" "policy" {
   statement {
     sid = "ListBuckets"
     actions = [
@@ -63,8 +60,8 @@ data "aws\_iam\_policy\_document" "policy" {
       "s3:DeleteObject"
     ]
     resources = [
-      module.mybucket.s3\_bucket\_arn,
-      format("%v/*", mybucket.s3\_bucket\_arn),
+      module.mybucket.s3_bucket_arn,
+      format("%v/*", mybucket.s3_bucket_arn),
     ]
   }
   statement {
@@ -76,18 +73,18 @@ data "aws\_iam\_policy\_document" "policy" {
       "kms:Encrypt",
       "kms:Decrypt"
     ]
-    resources = [module.mybucket.kms\_key\_id]
+    resources = [module.mybucket.kms_key_id]
   }
 }
 
-resource "aws\_iam\_policy" "policy" {
+resource "aws_iam_policy" "policy" {
   name        = "mypolicy-s3-access"
   description = "Policy for S3 access"
-  policy      = data.aws\_iam\_policy\_document.policy.json
+  policy      = data.aws_iam_policy_document.policy.json
 }
 ```
 
-This automatically enables the enable_title26 flag, giving you a tag of `boc:safeguard=title26`.
+This automatically enables the enable\_title26 flag, giving you a tag of `boc:safeguard=title26`.
 It does all you to add other safeguards as necessary (title13, pii, etc), and these are joined together
 to make a comma separated list.
 
@@ -106,27 +103,27 @@ optionally requires explicit encryption (`require_explicit_encryption` flag, def
 and address restrictions (lists `allowed_cidr` and `allowed_endpoints`).
 
 # Options
-## Options :: name_include_account
+## Options :: name\_include\_account
 Use of this flag as true will include AWS account ID after the bucket name (name-ACCOUNTID).  Default
 is false.
 
-## Options :: name_include_region
+## Options :: name\_include\_region
 Use of this flag as true will include current region after the bucket name (name-REGION).  Default
 is false.  If used in conjunction with `name_include_account`, the region will be at the end.
 
-## Options :: name_include_region_compact
+## Options :: name\_include\_region\_compact
 This flag determines if we compact the region to a shorter name, and use it if the name with the full
 region is longer than the maximum of 63 characters.  It takes the first character of the full region
 name and uses that. For example, `us-gov-west-1` becomes `ugw1`.  The default value is true.
 It is still possible to construct a name that is longer than 63 characters and get a failure, even with
 this shorter region value.
 
-## Options :: name_enforce_region_compact
+## Options :: name\_enforce\_region\_compact
 This flag always compacts the region, no mater whehter the name is longer than 63 characters or not.
 
-## Options :: object_lock_enable
+## Options :: object\_lock\_enable
 This is usable on bucket creation, and it will allow you to add external to this module an object lock
-configuration (aws_s3_object_lock_configuration).  See the [AWS Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html)
+configuration (aws\_s3\_object\_lock\_configuration).  See the [AWS Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-overview.html)
 and the [Terraform AWS Provider](https://registry.terraform.io/providers/hashicorp%20%20/aws/4.7.0/docs/resources/s3_bucket_object_lock_configuration) docs for
 more details.  Setting this after bucket creation is possible but requires a support tickets, so you're better off doing it up front.
 
@@ -135,21 +132,22 @@ One output of note is the `s3_module_settings`. With this, you can get the setti
 module, the original bucket name before prefix and suffixes, and other things.  It is a map.
 
 ```hcl
-output "s3\_module\_settings" {
+output "s3_module_settings" {
   description = "S3 module settings and values"
   value = {
-    bucket\_name                 = var.bucket\_name
-    resulting\_bucket\_name       = local.bucket\_name
-    resulting\_bucket\_arn        = aws\_s3\_bucket.this.arn
-    name\_include\_region         = var.name\_include\_region
-    name\_include\_account        = var.name\_include\_account
-    name\_include\_region\_compact = var.name\_include\_region\_compact
-    name\_enforce\_region\_compact = var.name\_enforce\_region\_compact
-    account\_id                  = local.account\_id
+    bucket_name                 = var.bucket_name
+    resulting_bucket_name       = local.bucket_name
+    resulting_bucket_arn        = aws_s3_bucket.this.arn
+    name_include_region         = var.name_include_region
+    name_include_account        = var.name_include_account
+    name_include_region_compact = var.name_include_region_compact
+    name_enforce_region_compact = var.name_enforce_region_compact
+    account_id                  = local.account_id
     region                      = local.region
-    region\_short                = local.region\_short
+    region_short                = local.region_short
   }
 }
+```
 
 ## Requirements
 

diff --git a/title26/main.tf b/title26/main.tf
@@ -19,9 +19,6 @@
 * coexist (easily).
 *
 * ```hcl
-* module "my-bucket" {
-*
-* ```hcl
 * module "mybucket" {
 *   source = "git@github.e.it.census.gov:terraform-modules/aws-s3.git//title26?ref=3"
 *