diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml
index de28966..4c23e99 100644
--- a/.github/workflows/documentation.yml
+++ b/.github/workflows/documentation.yml
@@ -11,7 +11,7 @@ jobs:
ref: ${{ github.event.pull_request.head.ref }}
- name: Render terraform docs and push changes back to PR
- uses: terraform-docs/gh-actions@v0.6.0
+ uses: terraform-docs/gh-actions@v0.11.0
with:
working-dir: .
output-file: README.md
diff --git a/README.md b/README.md
index 2f7abc7..499a627 100644
--- a/README.md
+++ b/README.md
@@ -13,53 +13,53 @@ See [example](example/) dir
| Name | Version |
|------|---------|
-| terraform | >= 0.14 |
+| [terraform](#requirement\_terraform) | >= 0.14 |
## Providers
| Name | Version |
|------|---------|
-| helm | n/a |
-| kubectl | n/a |
-| kubernetes | n/a |
-| template | n/a |
+| [helm](#provider\_helm) | n/a |
+| [kubectl](#provider\_kubectl) | n/a |
+| [kubernetes](#provider\_kubernetes) | n/a |
+| [template](#provider\_template) | n/a |
## Modules
-No Modules.
+No modules.
## Resources
-| Name |
-|------|
-| [helm_release](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) |
-| [kubectl_manifest](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) |
-| [kubernetes_config_map](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/config_map) |
-| [kubernetes_namespace](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) |
-| [template_file](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) |
+| Name | Type |
+|------|------|
+| [helm_release.nginx_ingress](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
+| [kubectl_manifest.nginx_ingress_default_certificate](https://registry.terraform.io/providers/gavinbunney/kubectl/latest/docs/resources/manifest) | resource |
+| [kubernetes_config_map.modsecurity_nginx_config](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/config_map) | resource |
+| [kubernetes_namespace.ingress_controllers](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
+| [template_file.nginx_ingress_default_certificate](https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/file) | data source |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
-| backend\_repo | repository for the default backend app | `string` | `"ministryofjustice/cloud-platform-custom-error-pages"` | no |
-| backend\_tag | tag of the default backend app | `string` | `"0.6"` | no |
-| cluster\_domain\_name | The cluster domain used for externalDNS annotations and certmanager | `any` | n/a | yes |
-| controller\_name | Will be used as the ingress controller name and the class annotation | `string` | n/a | yes |
-| default\_cert | Useful if you want to use a default certificate for your ingress controller. Format: namespace/secretName | `string` | `"ingress-controllers/default-certificate"` | no |
-| enable\_external\_dns\_annotation | Add external dns annotation for service | `bool` | `false` | no |
-| enable\_latest\_tls | Provide support to tlsv1.3 along with tlsv1.2 | `bool` | `false` | no |
-| enable\_modsec | Enable https://github.com/SpiderLabs/ModSecurity-nginx | `bool` | `false` | no |
-| enable\_owasp | Use default ruleset from https://github.com/SpiderLabs/owasp-modsecurity-crs/ | `bool` | `false` | no |
-| is\_live\_cluster | For live clusters externalDNS annotation will have var.live\_domain (default *.cloud-platform.service.justice.gov.uk) | `bool` | `false` | no |
-| live1\_cert\_dns\_name | This is to add the live-1 dns name for eks-live cluster default certificate | `string` | `""` | no |
-| live\_domain | The live domain used for externalDNS annotation | `string` | `"cloud-platform.service.justice.gov.uk"` | no |
-| replica\_count | Number of replicas set in deployment | `string` | n/a | yes |
+| [backend\_repo](#input\_backend\_repo) | repository for the default backend app | `string` | `"ministryofjustice/cloud-platform-custom-error-pages"` | no |
+| [backend\_tag](#input\_backend\_tag) | tag of the default backend app | `string` | `"0.6"` | no |
+| [cluster\_domain\_name](#input\_cluster\_domain\_name) | The cluster domain used for externalDNS annotations and certmanager | `any` | n/a | yes |
+| [controller\_name](#input\_controller\_name) | Will be used as the ingress controller name and the class annotation | `string` | n/a | yes |
+| [default\_cert](#input\_default\_cert) | Useful if you want to use a default certificate for your ingress controller. Format: namespace/secretName | `string` | `"ingress-controllers/default-certificate"` | no |
+| [enable\_external\_dns\_annotation](#input\_enable\_external\_dns\_annotation) | Add external dns annotation for service | `bool` | `false` | no |
+| [enable\_latest\_tls](#input\_enable\_latest\_tls) | Provide support to tlsv1.3 along with tlsv1.2 | `bool` | `false` | no |
+| [enable\_modsec](#input\_enable\_modsec) | Enable https://github.com/SpiderLabs/ModSecurity-nginx | `bool` | `false` | no |
+| [enable\_owasp](#input\_enable\_owasp) | Use default ruleset from https://github.com/SpiderLabs/owasp-modsecurity-crs/ | `bool` | `false` | no |
+| [is\_live\_cluster](#input\_is\_live\_cluster) | For live clusters externalDNS annotation will have var.live\_domain (default *.cloud-platform.service.justice.gov.uk) | `bool` | `false` | no |
+| [live1\_cert\_dns\_name](#input\_live1\_cert\_dns\_name) | This is to add the live-1 dns name for eks-live cluster default certificate | `string` | `""` | no |
+| [live\_domain](#input\_live\_domain) | The live domain used for externalDNS annotation | `string` | `"cloud-platform.service.justice.gov.uk"` | no |
+| [replica\_count](#input\_replica\_count) | Number of replicas set in deployment | `string` | n/a | yes |
## Outputs
| Name | Description |
|------|-------------|
-| helm\_nginx\_ingress\_status | n/a |
+| [helm\_nginx\_ingress\_status](#output\_helm\_nginx\_ingress\_status) | n/a |
diff --git a/templates/modsecurity.conf b/templates/modsecurity.conf
index 40047a4..45e3084 100644
--- a/templates/modsecurity.conf
+++ b/templates/modsecurity.conf
@@ -227,8 +227,8 @@ SecDataDir /tmp/
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
-# Log everything we know about a transaction.
-SecAuditLogParts AIEFHKZ
+# Log everything we know about a transaction, except the body (I)
+SecAuditLogParts AEFHKZ
# Use a single file for logging. This is much easier to look at, but
# assumes that you will use the audit log only ocassionally.