Merge branch 'release-v1.0.2' into 'main'

nitin-yadav-sq · nitin-yadav-sq · commit 0c73d8509516 · 2023-02-08T14:03:50.000Z
Readme Fixes and enhancements for v1.0.2

See merge request sq-ia/aws/network!20
diff --git a/README.md b/README.md
@@ -5,10 +5,9 @@
 
 [squareops_avatar]: https://squareops.com/wp-content/uploads/2022/12/squareops-logo.png
 
-### [SquareOps Technologies](https://squareops.com/) Provide end to end solution for all your DevOps needs
+### [SquareOps Technologies](https://squareops.com/) Your DevOps Partner for Accelerating cloud journey.
 
 <br>
-
 Terraform module to create Networking resources for workload deployment on AWS Cloud.
 
 ## Usage Example
@@ -28,7 +27,6 @@ module "vpc" {
 
   environment                                     = "production"
   name                                            = "skaf"
-  region                                          = "us-east-1"
   vpc_cidr                                        = "10.0.0.0/16"
   azs                                             = ["us-east-1a", "us-east-1b"]
   enable_public_subnet                            = true
@@ -45,12 +43,12 @@ module "vpc" {
 
 }
 ```
-Refer [examples](examples) for all examples.
+Refer [examples](https://github.com/squareops/terraform-aws-vpc/tree/main/examples) for all examples.
 
 ## Important Note
 To prevent destruction interruptions, any resources that have been created outside of Terraform and attached to the resources provisioned by Terraform must be deleted before the module is destroyed.
 
-The private key generated by Keypair module will be stored in AWS Systems Manager Parameter Store. FOr more details refer [this](https://registry.terraform.io/modules/squareops/keypair/aws)
+The private key generated by Keypair module will be stored in AWS Systems Manager Parameter Store. For more details refer [this](https://registry.terraform.io/modules/squareops/keypair/aws)
 
 ## Network Scenarios
 
@@ -62,17 +60,17 @@ This module supports three scenarios to create Network resource on AWS. Each wil
   - `vpc_cidr       = ""`
   - `enable_public_subnet = true`
 - **vpc-with-private-sub:** To create a VPC with public subnets, private subnets, IGW gateway and NAT gateway.
-  - `vpc_cidr              = local.vpc_cidr`
+  - `vpc_cidr              = ""`
   - `enable_public_subnet  = true`
   - `enable_private_subnet = true`
 
 - **complete-vpc-with-vpn:** To create a VPC with public, private, database and intra subnets along with an IGW and NAT gateway. Jump server/Bastion Host is also configured.
-  - `vpc_cidr               = local.vpc_cidr`
+  - `vpc_cidr               = ""`
   - `enable_public_subnet   = true`
   - `enable_private_subnet  = true`
   - `enable_database_subnet = true`
   - `enable_intra_subnet    = true`
-  - `one_nat_gateway_per_az = false`
+  - `one_nat_gateway_per_az = true`
   - `vpn_server_enabled     = true`
   - `vpn_server_instance_type = "t3a.small"`
   - `vpn_key_pair             = ""`
@@ -82,12 +80,11 @@ This module supports three scenarios to create Network resource on AWS. Each wil
 
 
 # IAM Permissions
-The required IAM permissions to create resources from this module can be found [here](https://github.com/squareops/terraform-aws-network/blob/main/IAM.md)
+The required IAM permissions to create resources from this module can be found [here](https://github.com/squareops/terraform-aws-vpc/blob/main/IAM.md)
 
 
 
 # VPN setup-
-
 To configure Pritunl VPN:
 
       1. Access the Pritunl UI over HTTPS using the public IP of EC2 instance in browser
@@ -96,27 +93,22 @@ To configure Pritunl VPN:
       4. After login, in the Initial setup window, add the record created in the 'Lets Encrypt Domain' field.
       5. Pritunl will automatically configure a signed SSL certificate from Lets Encrypt.
       6. Add organization and user to pritunl.
-      7. Set server port as 10150 which is already allowed from security group while creating vpn.
+      7. Add server and set port as 10150 which is already allowed from security group while creating instance for VPN server.
       8. Attach organization to the server and Start the server.
       9. Copy or download user profile link or file.
      10. Import the profile in Pritunl client.
 
     NOTE: Port 80 should be open publicly in the vpn security group to verify and renewing the domain certificate.
 
-# CIS COMPLIANCE
-
-- Follows the VPC recommendations of CIS Amazon Web Services Foundations Benchmark v1.4.0
 
-[ 5. NETWORKING ]
+## CIS COMPLIANCE [<img src="	https://prowler.pro/wp-content/themes/prowler-pro/assets/img/logo.svg" width="250" align="right" />](https://prowler.pro/)
 
-5.1 Ensure no Network ACLs allow ingress from 0.0.0.0/0 to remote
-server administration ports (Automated)
+Security scanning is graciously provided by Prowler. Prowler is the leading fully hosted, cloud-native solution providing continuous cluster security and compliance.
 
-5.2 Ensure no security groups allow ingress from 0.0.0.0/0 to remote
-server administration ports (Automated)
-
-5.3 Ensure the default security group of every VPC restricts all traffic
-(Automated)
+| Benchmark | Description |
+|--------|---------------|
+| Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to port 3389 | No Security Groups open to 0.0.0.0/0 |
+| Ensure the default security group of every VPC restricts all traffic | No Default Security Groups open to 0.0.0.0/0 |
 
 
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -184,3 +176,42 @@ server administration ports (Automated)
 | <a name="output_vpn_host_public_ip"></a> [vpn\_host\_public\_ip](#output\_vpn\_host\_public\_ip) | IP Address of VPN Server |
 | <a name="output_vpn_security_group"></a> [vpn\_security\_group](#output\_vpn\_security\_group) | Security Group ID of VPN Server |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+
+## Contribute & Issue Report
+
+To report an issue with a project:
+
+  1. Check the repository's [issue tracker](https://github.com/squareops/terraform-aws-vpc/issues) on GitHub
+  2. Search to check if the issue has already been reported
+  3. If you can't find an answer to your question in the documentation or issue tracker, you can ask a question by creating a new issue. Make sure to provide enough context and details.
+
+## License
+
+Apache License, Version 2.0, January 2004 (https://www.apache.org/licenses/LICENSE-2.0)
+
+## Support Us
+
+To support our GitHub project by liking it, you can follow these steps:
+
+  1. Visit the repository: Navigate to the [GitHub repository](https://github.com/squareops/terraform-aws-vpc)
+
+  2. Click the "Star" button: On the repository page, you'll see a "Star" button in the upper right corner. Clicking on it will star the repository, indicating your support for the project.
+
+  3. Optionally, you can also leave a comment on the repository or open an issue to give feedback or suggest changes.
+
+Staring a repository on GitHub is a simple way to show your support and appreciation for the project. It also helps to increase the visibility of the project and make it more discoverable to others.
+
+## Who we are
+
+We believe that the key to success in the digital age is the ability to deliver value quickly and reliably. That’s why we offer a comprehensive range of DevOps & Cloud services designed to help your organization optimize its systems & Processes for speed and agility.
+
+  1. We are an AWS Advanced consulting partner which reflects our deep expertise in AWS Cloud and helping 100+ clients over the last 5 years.
+  2. Expertise in Kubernetes and overall container solution helps companies expedite their journey by 10X.
+  3. Infrastructure Automation is a key component to the success of our Clients and our Expertise helps deliver the same in the shortest time.
+  4. DevSecOps as a service to implement security within the overall DevOps process and helping companies deploy securely and at speed.
+  5. Platform engineering which supports scalable,Cost efficient infrastructure that supports rapid development, testing, and deployment.
+  6. 24*7 SRE service to help you Monitor the state of your infrastructure and eradicate any issue within the SLA.
+
+We provide [support](https://squareops.com/contact-us/) on all of our projects, no matter how small or large they may be.
+
+To find more information about our company, visit [squareops.com](https://squareops.com/), follow us on [Linkedin](https://www.linkedin.com/company/squareops-technologies-pvt-ltd/), or fill out a [job application](https://squareops.com/careers/). If you have any questions or would like assistance with your cloud strategy and implementation, please don't hesitate to [contact us](https://squareops.com/contact-us/).
diff --git a/examples/complete-vpc-with-vpn/README.md b/examples/complete-vpc-with-vpn/README.md
@@ -59,4 +59,4 @@ No inputs.
 | <a name="output_vpc_id"></a> [vpc\_id](#output\_vpc\_id) | The ID of the VPC |
 | <a name="output_vpn_host_public_ip"></a> [vpn\_host\_public\_ip](#output\_vpn\_host\_public\_ip) | IP Adress of VPN Server |
 | <a name="output_vpn_security_group"></a> [vpn\_security\_group](#output\_vpn\_security\_group) | Security Group ID of VPN Server |
-<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/examples/complete-vpc-with-vpn/main.tf b/examples/complete-vpc-with-vpn/main.tf
@@ -13,8 +13,7 @@ locals {
 data "aws_availability_zones" "available" {}
 
 module "key_pair_vpn" {
-  source = "squareops/keypair/aws"
-  # region             = local.region
+  source             = "squareops/keypair/aws"
   environment        = local.environment
   key_name           = format("%s-%s-vpn", local.environment, local.name)
   ssm_parameter_path = format("%s-%s-vpn", local.environment, local.name)
@@ -25,7 +24,6 @@ module "vpc" {
 
   environment                                     = local.environment
   name                                            = local.name
-  region                                          = local.region
   vpc_cidr                                        = local.vpc_cidr
   azs                                             = [for n in range(0, 2) : data.aws_availability_zones.available.names[n]]
   enable_public_subnet                            = true
diff --git a/examples/simple-vpc/README.md b/examples/simple-vpc/README.md
@@ -53,4 +53,4 @@ No inputs.
 | <a name="output_region"></a> [region](#output\_region) | AWS Region |
 | <a name="output_vpc_cidr_block"></a> [vpc\_cidr\_block](#output\_vpc\_cidr\_block) | AWS Region |
 | <a name="output_vpc_id"></a> [vpc\_id](#output\_vpc\_id) | The ID of the VPC |
-<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/examples/simple-vpc/main.tf b/examples/simple-vpc/main.tf
@@ -21,7 +21,6 @@ module "vpc" {
 
   environment          = local.environment
   name                 = local.name
-  region               = local.region
   vpc_cidr             = local.vpc_cidr
   azs                  = [for n in range(0, 3) : data.aws_availability_zones.available.names[n]]
   enable_public_subnet = true
diff --git a/examples/vpc-with-private-sub/README.md b/examples/vpc-with-private-sub/README.md
@@ -52,4 +52,4 @@ No inputs.
 | <a name="output_region"></a> [region](#output\_region) | AWS Region |
 | <a name="output_vpc_cidr_block"></a> [vpc\_cidr\_block](#output\_vpc\_cidr\_block) | AWS Region |
 | <a name="output_vpc_id"></a> [vpc\_id](#output\_vpc\_id) | The ID of the VPC |
-<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/examples/vpc-with-private-sub/main.tf b/examples/vpc-with-private-sub/main.tf
@@ -17,7 +17,6 @@ module "vpc" {
 
   environment           = local.environment
   name                  = local.name
-  region                = local.region
   vpc_cidr              = local.vpc_cidr
   azs                   = [for n in range(0, 3) : data.aws_availability_zones.available.names[n]]
   enable_public_subnet  = true
