From bad7e1cc7be06f95a71090cfd6bc0eb49a6e3951 Mon Sep 17 00:00:00 2001
From: badra001
Date: Thu, 17 Dec 2020 10:22:43 -0500
Subject: [PATCH] update docs
---
 common/README.md | 34 ++++++++++++++++++++++++++++++++++
 standard/README.md | 11 ++++++++++-
 standard/main.tf | 10 +++++++++-
 title26/README.md | 15 ++++++++++++++-
 title26/main.tf | 14 +++++++++++++-
 5 files changed, 80 insertions(+), 4 deletions(-)
 create mode 100644 common/README.md
diff --git a/common/README.md b/common/README.md
new file mode 100644
index 0000000..cf6e832
--- /dev/null
+++ b/common/README.md
@@ -0,0 +1,34 @@
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| aws | n/a |
+| null | n/a |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| \_module\_version | Module version number | `string` | `"2.0"` | no |
+| access\_log\_bucket | Server Access Logging Bucket ID | `string` | n/a | yes |
+| access\_log\_bucket\_prefix | Access log bucket prefix, to which the bucket name will be appended to make the target\_prefix | `string` | `"s3"` | no |
+| allowed\_cidr | List of allowed source IPs (NOT from within the VPC) | `list(string)` | `[]` | no |
+| allowed\_endpoints | List of allowed VPC endpoint IDs | `list(string)` | `[]` | no |
+| bucket\_folders | List of folders (keys) to create after creation of bucket | `list(string)` | `[]` | no |
+| bucket\_name | AWS Bucket Name | `string` | n/a | yes |
+| force\_destroy | Sets force\_destroy to allow the bucket and contents to be deleted. The deletion may take a very long time | `bool` | `false` | no |
+| kms\_key\_id | AWS KMS Key ID (one per bucket) | `string` | `""` | no |
+| tags | AWS Tags | `map(string)` | `{}` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| kms\_key\_arn | Created KMS Key ARN |
+| kms\_key\_id | Created KMS Key ID |
+| s3\_bucket\_arn | Created S3 Bucket ARN |
+| s3\_bucket\_id | Created S3 Bucket ID |
diff --git a/standard/README.md b/standard/README.md
index 07d8dd1..5db6431 100644
--- a/standard/README.md
+++ b/standard/README.md
@@ -1,4 +1,10 @@
-# About aws-s3
+# About aws-s3 :: standard
+
+This submodule allows you to create an S3 bucket using the standard prefixes and settings required for
+non-FTI Data. This includes
+- Server Access Logging
+
+Other configurations such as versioning or data safegurad tagging (only on the bucket/keys) are oiptional
 
 # Usage
 
@@ -7,9 +13,12 @@ module "mybucket" {
 source = "git@github.e.it.census.gov:terraform-modules/aws-s3.git//standard"
 
 bucket_name = "mynormalbucket"
+ access_log_bucket = "mylogbucket"
 }
 ```
 
+This automaticaly creates an AWS KMS key used just for this bucket.
+
 ## Requirements
 
 No requirements.
diff --git a/standard/main.tf b/standard/main.tf
index 9139664..b7ea135 100644
--- a/standard/main.tf
+++ b/standard/main.tf
@@ -1,5 +1,11 @@
 /*
-* # About aws-s3
+* # About aws-s3 :: standard
+*
+* This submodule allows you to create an S3 bucket using the standard prefixes and settings required for
+* non-FTI Data. This includes
+* - Server Access Logging
+*
+* Other configurations such as versioning or data safegurad tagging (only on the bucket/keys) are oiptional
 *
 * # Usage
 *
@@ -8,9 +14,11 @@
 * source = "git@github.e.it.census.gov:terraform-modules/aws-s3.git//standard"
 *
 * bucket_name = "mynormalbucket"
+* access_log_bucket = "mylogbucket"
 * }
 * ```
 *
+* This automaticaly creates an AWS KMS key used just for this bucket.
 */
 
 locals {
diff --git a/title26/README.md b/title26/README.md
index fec3ac3..97a700f 100644
--- a/title26/README.md
+++ b/title26/README.md
@@ -1,4 +1,10 @@
-# About aws-s3
+# About aws-s3 :: title26
+
+This submodule allows you to create an S3 bucket using the standard prefixes and settings required for
+FTI (Title26). This includes
+- Versioning (though the requirements are unclear on this, this may be removed)
+- Tag of boc:safeguade=title26
+- Server Access Logging
 
 # Usage
 
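Review bot: In standard/main.tf, the added header line `* This automaticaly creates an AWS KMS key used just for this bucket.` does not say what the key protects or how it interacts with the `kms_key_id` input, which common/README.md lists as optional with default `""`. The module body is outside these hunks, so the behaviour is not visible here; if a key is only created when no `kms_key_id` is passed, the comment should say so, for example `* Unless kms_key_id is set, this automatically creates an AWS KMS key used only for this bucket.` The first hunk of the same header also misspells "safeguard" and "optional" (`safegurad`, `oiptional`), and standard/README.md carries the same text.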
@@ -7,10 +13,17 @@ module "mybucket" {
 source = "git@github.e.it.census.gov:terraform-modules/aws-s3.git//title26"
 
 bucket_name = "myt26bucket"
+ access_log_bucket = "mylogbucket"
 # enable_title26 = true
 }
 ```
 
+This automatically enables the enable\_title26 flag, giving you a tag of `boc:safeguard=title26`.
+It does all you to add other safeguards as necessary (title13, pii, etc), and these are joined together
+to make a comma separated list.
+
+This automaticaly creates an AWS KMS key used just for this bucket.
+
 ## Requirements
 
 No requirements.
diff --git a/title26/main.tf b/title26/main.tf
index f2e9f25..aa2c325 100644
--- a/title26/main.tf
+++ b/title26/main.tf
@@ -1,5 +1,11 @@
 /*
-* # About aws-s3
+* # About aws-s3 :: title26
+*
+* This submodule allows you to create an S3 bucket using the standard prefixes and settings required for
+* FTI (Title26). This includes
+* - Versioning (though the requirements are unclear on this, this may be removed)
+* - Tag of boc:safeguade=title26
+* - Server Access Logging
 *
 * # Usage
 *
@@ -8,10 +14,16 @@
 * source = "git@github.e.it.census.gov:terraform-modules/aws-s3.git//title26"
 *
 * bucket_name = "myt26bucket"
+* access_log_bucket = "mylogbucket"
 * # enable_title26 = true
 * }
 * ```
 *
+* This automatically enables the enable_title26 flag, giving you a tag of `boc:safeguard=title26`.
+* It does all you to add other safeguards as necessary (title13, pii, etc), and these are joined together
+* to make a comma separated list.
+*
+* This automaticaly creates an AWS KMS key used just for this bucket.
 */
 
 locals {
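Review bot: In title26/main.tf the header documents the safeguard tag with two different spellings: the list added in the first hunk says `boc:safeguade=title26`, while the paragraph added in the second hunk says `boc:safeguard=title26`. Anyone writing tag-based access conditions, inventory queries or audit checks for FTI buckets from this text needs the exact key, so the list line should read `* - Tag of boc:safeguard=title26`, assuming the second spelling is the one the module applies (the resource code is outside these hunks). The added sentence `* It does all you to add other safeguards` presumably means "It also allows you to add other safeguards". title26/README.md carries the same two lines and needs the same correction.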