docs: update documentation (#31)

* docs: update documentation * docs(readme): update module usage --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
schubergphilis · Jan 23, 2024 · 50f205d · 50f205d
1 parent 3130d5c
commit 50f205d
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -199,6 +199,7 @@ Suppress finding for specific resources:
 |------|-------------|------|---------|:--------:|
 | <a name="input_kms_key_arn"></a> [kms\_key\_arn](#input\_kms\_key\_arn) | The ARN of the KMS key used to encrypt the resources | `string` | n/a | yes |
 | <a name="input_s3_bucket_name"></a> [s3\_bucket\_name](#input\_s3\_bucket\_name) | The name for the S3 bucket which will be created for storing the function's deployment package | `string` | n/a | yes |
+| <a name="input_dynamodb_deletion_protection"></a> [dynamodb\_deletion\_protection](#input\_dynamodb\_deletion\_protection) | The DynamoDB table deletion protection option. | `bool` | `true` | no |
 | <a name="input_dynamodb_table"></a> [dynamodb\_table](#input\_dynamodb\_table) | The DynamoDB table containing the items to be suppressed in Security Hub | `string` | `"securityhub-suppression-list"` | no |
 | <a name="input_eventbridge_suppressor_iam_role_name"></a> [eventbridge\_suppressor\_iam\_role\_name](#input\_eventbridge\_suppressor\_iam\_role\_name) | The name of the role which will be assumed by EventBridge rules | `string` | `"EventBridgeSecurityHubSuppressorRole"` | no |
 | <a name="input_jira_integration"></a> [jira\_integration](#input\_jira\_integration) | Jira integration settings | <pre>object({<br>    enabled                               = optional(bool, false)<br>    credentials_secret_arn                = string<br>    exclude_account_ids                   = optional(list(string), [])<br>    finding_severity_normalized_threshold = optional(number, 70)<br>    issue_type                            = optional(string, "Security Advisory")<br>    project_key                           = string<br><br>    security_group_egress_rules = optional(list(object({<br>      cidr_ipv4                    = optional(string)<br>      cidr_ipv6                    = optional(string)<br>      description                  = string<br>      from_port                    = optional(number, 0)<br>      ip_protocol                  = optional(string, "-1")<br>      prefix_list_id               = optional(string)<br>      referenced_security_group_id = optional(string)<br>      to_port                      = optional(number, 0)<br>    })), [])<br><br>    lambda_settings = optional(object({<br>      name          = optional(string, "securityhub-jira")<br>      iam_role_name = optional(string, "LambdaJiraSecurityHubRole")<br>      log_level     = optional(string, "INFO")<br>      memory_size   = optional(number, 256)<br>      runtime       = optional(string, "python3.8")<br>      timeout       = optional(number, 60)<br>      }), {<br>      name                        = "securityhub-jira"<br>      iam_role_name               = "LambdaJiraSecurityHubRole"<br>      log_level                   = "INFO"<br>      memory_size                 = 256<br>      runtime                     = "python3.8"<br>      timeout                     = 60<br>      security_group_egress_rules = []<br>    })<br>  })</pre> | <pre>{<br>  "credentials_secret_arn": null,<br>  "enabled": false,<br>  "project_key": null<br>}</pre> | no |

diff --git a/examples/basic/main.tf b/examples/basic/main.tf
@@ -16,7 +16,7 @@ resource "random_string" "random" {
 module "security_hub_manager" {
   source = "../../"
 
-  kms_key_arn                 = aws_kms_key.default.arn
-  s3_bucket_name              = "securityhub-suppressor-artifacts-${random_string.random.result}"
-  tags                        = { Terraform = true }
+  kms_key_arn    = aws_kms_key.default.arn
+  s3_bucket_name = "securityhub-suppressor-artifacts-${random_string.random.result}"
+  tags           = { Terraform = true }
 }