chore(doc): readme cleanup

Author: iru

README.md

@@ -1,34 +1,36 @@
 # Sysdig Secure for Cloud in AWS
 
-Terraform module that deploys the **Sysdig Secure for Cloud** stack in **AWS**. It provides unified threat detection, compliance, forensics and analysis.
+Terraform module that deploys the **Sysdig Secure for Cloud** stack in **AWS**.
+<br/>It provides unified threat detection, compliance, forensics and analysis.
 
-There are three major component:
+There are three major components:
 
-* **Cloud Threat Detection**: Tracks abnormal and suspicious activities in your cloud environment based on Falco language. Managed through cloud-connector.
-* **CSPM/Compliance**: It evaluates periodically your cloud configuration, using Cloud Custodian, against some benchmarks and returns the results and remediation you need to fix. Managed through cloud-bench.
-* **Cloud Scanning**: Automatically scans all container images pushed to the registry or as soon a new task which involves a container is spawned in your account. Managed through cloud-scanning.
+* **Cloud Threat Detection**: Tracks abnormal and suspicious activities in your cloud environment based on Falco language.<br/>Managed through cloud-connector.<br/><br/>
+* **CSPM/Compliance**: It evaluates periodically your cloud configuration, using Cloud Custodian, against some benchmarks and returns the results and remediation you need to fix.<br/>Managed through cloud-bench.<br/><br/>
+* **Cloud Scanning**: Automatically scans all container images pushed to the registry or as soon a new task which involves a container is spawned in your account.<br/>Managed through cloud-scanning.<br/><br/>
 
-For other Cloud providers check:
-
-* [GCP](https://github.com/sysdiglabs/terraform-google-cloudvision)
-* [Azure](https://github.com/sysdiglabs/terraform-azurerm-cloudvision)
+For other Cloud providers check: [GCP](https://github.com/sysdiglabs/terraform-google-cloudvision), [Azure](https://github.com/sysdiglabs/terraform-azurerm-cloudvision)
 
 ---
 
 ## Usage
 
 There are several ways to deploy this in you AWS infrastructure:
 
-### Single-Account
+### · Single-Account
+Sysdig workload will be deployed in the same account where user's resources will be watched.<br/>
+More info in [`./examples/single-account`](https://github.com/sysdiglabs/terraform-aws-cloudvision/tree/master/examples/single-account)
 
-More info in the [`./examples/single-account/README.md`](https://github.com/sysdiglabs/terraform-aws-cloudvision/tree/master/examples/single-account/README.md)
+![single-account diagram](https://raw.githubusercontent.com/sysdiglabs/terraform-aws-cloudvision/07264a75926de2012512f4d67ee303aa964193ae/examples/single-account/diagram-single.png)
 
-### Organizational
+### · Organizational
 
 Using an organizational configuration Cloudtrail.
-More info in the [`./examples/organizational/README.md`](https://github.com/sysdiglabs/terraform-aws-cloudvision/tree/master/examples/organizational/README.md)
+More info in [`./examples/organizational`](https://github.com/sysdiglabs/terraform-aws-cloudvision/tree/master/examples/organizational)
+
+![organizational diagram](https://raw.githubusercontent.com/sysdiglabs/terraform-aws-cloudvision/07264a75926de2012512f4d67ee303aa964193ae/examples/organizational/diagram-org.png)
 
-### Self-Baked
+### · Self-Baked
 
 If no [examples](https://github.com/sysdiglabs/terraform-aws-cloudvision/tree/master/examples) fit your use-case, be free to self-configure your own `cloudvision` module.
 
@@ -44,7 +46,7 @@ module "cloudvision_aws" {
 }
 
 ```
-See main module [`variables.tf`](https://github.com/sysdiglabs/terraform-aws-cloudvision/tree/master/variables.tf) or [inputs summary](#inputs) file for more optional configuration.
+See [inputs summary](#inputs) or main [module `variables.tf`](https://github.com/sysdiglabs/terraform-aws-cloudvision/tree/master/variables.tf) file for more optional configuration.
 
 To run this example you need have your [aws master-account profile configured in CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html) and to execute:
 ```terraform
@@ -54,9 +56,8 @@ $ terraform apply
 ```
 
 Notice that:
-- This example will create resources that cost money. Run `terraform destroy` when you don't need them anymore
-- For more detailed configuration inspect both main module and example input variables
-- All created resources will be created within the tags `product:sysdig-cloudvision`, within the resource-group `sysdig-cloudvision`
+* This example will create resources that cost money.<br/>Run `terraform destroy` when you don't need them anymore
+* All created resources will be created within the tags `product:sysdig-cloudvision`, within the resource-group `sysdig-cloudvision`
 
 ---
 

examples/organizational/README.md

@@ -1,22 +1,22 @@
 # Sysdig Secure for Cloud in AWS: Shared Organizational Trail
 
-Deploy Sysdig Secure for Cloud sharing the Trail within an organization. The module will deploy an organizational
-CloudTrail and workload will be run in a member account.
+Deploy Sysdig Secure for Cloud sharing the Trail within an organization.
+* In the **master account**
+  * An Organizational Cloutrail will be deployed
+  * When an account becomes part of an organization, AWS will create an `OrganizationAccountAccessRole` [for account management](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html), which Sysdig Secure for Cloud will use for member-account provisioning.
+  <br/>This Role is hardcoded ATM
+* In the **user-provided member account**:
+    * An additional role `SysdigCloudvisionRole` will be created within the master account, to be able to read cloudtrail-s3 bucket events
+    * All the Sysdig Secure for Cloud service-related resources will be created
 
-When an account becomes part of an organization, AWS will create an `OrganizationAccountAccessRole` [for account management](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html), which cloudvision module will use for member-account provisioning
-
-In the member account:
-    * An additional role `SysdigCloudvisionRole` will be created within the master account, to be able to read s3 bucket events
-    * All the cloudvision service-related resources will be created
-
-![organizational diagram](https://raw.githubusercontent.com/sysdiglabs/terraform-aws-cloudvision/master/examples/organizational/diagram-org.png)
+![organizational diagram](https://raw.githubusercontent.com/sysdiglabs/terraform-aws-cloudvision/07264a75926de2012512f4d67ee303aa964193ae/examples/organizational/diagram-org.png)
 
 ## Prerequisites
 
 Minimum requirements:
 
 1.  Have an existing AWS account as the organization master account
-    * Organizational cloudTrail service must be enabled
+    * Organizational CloudTrail service must be enabled
 1.  AWS profile credentials configuration of the `master` account of the organization
     * This account credentials must be [able to manage cloudtrail creation](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/creating-trail-organization.html)
       > You must be logged in with the management account for the organization to create an organization trail. You must also have sufficient permissions for the IAM user or role in the management account to successfully create an organization trail.
@@ -42,7 +42,7 @@ module "cloudvision_aws_organizational" {
 }
 ```
 
-See main module [`variables.tf`](https://github.com/sysdiglabs/terraform-aws-cloudvision/blob/master/examples/organizational/variables.tf) or [inputs summary](#inputs) file for more optional configuration.
+See [inputs summary](#inputs) or module [`variables.tf`](https://github.com/sysdiglabs/terraform-aws-cloudvision/blob/master/examples/organizational/variables.tf) file for more optional configuration.
 
 To run this example you need have your [aws master-account profile configured in CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html) and to execute:
 ```terraform
@@ -51,11 +51,9 @@ $ terraform plan
 $ terraform apply
 ```
 
-Note that:
-  - This example will create resources that cost money. Run `terraform destroy` when you don't need them anymore
-  - For more detailed configuration inspect both main module and example input variables
-  - All created resources will be created within the tags `product:sysdig-cloudvision`, within the resource-group `sysdig-cloudvision`
-
+Notice that:
+* This example will create resources that cost money.<br/>Run `terraform destroy` when you don't need them anymore
+* All created resources will be created within the tags `product:sysdig-cloudvision`, within the resource-group `sysdig-cloudvision`
 
 ---
 

examples/single-account/README.md

@@ -3,7 +3,7 @@
 Deploy Sysdig Secure for Cloud in a single AWS account. All the required resources and workloads will be run
 under the same AWS account.
 
-![organizational diagram](https://raw.githubusercontent.com/sysdiglabs/terraform-aws-cloudvision/master/examples/single-account/diagram-single.png)
+![single-account diagram](https://raw.githubusercontent.com/sysdiglabs/terraform-aws-cloudvision/07264a75926de2012512f4d67ee303aa964193ae/examples/single-account/diagram-single.png)
 
 ## Prerequisites
 
@@ -27,7 +27,7 @@ module "cloudvision_aws_single_account" {
 }
 ```
 
-See main module [`variables.tf`](https://github.com/sysdiglabs/terraform-aws-cloudvision/blob/master/examples/single-account/variables.tf) or [inputs summary](#inputs) file for more optional configuration.
+See [inputs summary](#inputs) or module module [`variables.tf`](https://github.com/sysdiglabs/terraform-aws-cloudvision/blob/master/examples/single-account/variables.tf) file for more optional configuration.
 
 To run this example you need have your [aws master-account profile configured in CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html) and to execute:
 ```terraform
@@ -36,11 +36,9 @@ $ terraform plan
 $ terraform apply
 ```
 
-Note that:
-  - This example will create resources that cost money. Run `terraform destroy` when you don't need them anymore
-  - For more detailed configuration inspect both main module and example input variables
-  - All created resources will be created within the tags `product:sysdig-cloudvision`, within the resource-group `sysdig-cloudvision`
-
+Notice that:
+* This example will create resources that cost money.<br/>Run `terraform destroy` when you don't need them anymore
+* All created resources will be created within the tags `product:sysdig-cloudvision`, within the resource-group `sysdig-cloudvision`
 ---