terraform-aws-modules
diff --git a/‎README.md
Lines changed: 66 additions & 3 deletions b/‎README.md
Lines changed: 66 additions & 3 deletions
diff --git a/‎examples/complete/README.md
Lines changed: 19 additions & 1 deletion b/‎examples/complete/README.md
Lines changed: 19 additions & 1 deletion
diff --git a/‎examples/complete/outputs.tf
Lines changed: 104 additions & 0 deletions b/‎examples/complete/outputs.tf
Lines changed: 104 additions & 0 deletions
diff --git a/‎foo.tf
Lines changed: 0 additions & 164 deletions b/‎foo.tf
Lines changed: 0 additions & 164 deletions
@@ -2,15 +2,76 @@
 
 Terraform module which creates AWS network firewall resources.
 
+[![SWUbanner](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/banner2-direct.svg)](https://github.com/vshymanskyy/StandWithUkraine/blob/main/docs/README.md)
+
 ## Usage
 
-See [`examples`](https://github.com/clowdhaus/terraform-aws-network-firewall/tree/main/examples) directory for working examples to reference:
+This project supports creating resources through individual sub-modules for better support for RAM resource sharing, or through a single module that creates both the firewall and firewall policy resources.
+See the respective sub-module directory for more details and example usage.
 
-### Firewall & Firewall Policy
 ```hcl
 module "network_firewall" {
-  source = "clowdhaus/network-firewall/aws"
+  source = "terraform-aws-modules/network-firewall/aws"
+
+  # Firewall
+  name        = "example"
+  description = "Example network firewall"
+
+  vpc_id = "vpc-1234556abcdef"
+  subnet_mapping = {
+    subnet1 = {
+      subnet_id       = "subnet-abcde012"
+      ip_address_type = "IPV4"
+    }
+    subnet2 = {
+      subnet_id       = "subnet-bcde012a"
+      ip_address_type = "IPV4"
+    }
+    subnet2 = {
+      subnet_id       = "subnet-fghi345a"
+      ip_address_type = "IPV4"
+    }
+  }
+
+  # Logging configuration
+  create_logging_configuration = true
+  logging_configuration_destination_config = [
+    {
+      log_destination = {
+        logGroup = "/aws/network-firewall/example"
+      }
+      log_destination_type = "CloudWatchLogs"
+      log_type             = "ALERT"
+    },
+    {
+      log_destination = {
+        bucketName = "s3-example-bucket-firewall-flow-logs"
+        prefix     = "example"
+      }
+      log_destination_type = "S3"
+      log_type             = "FLOW"
+    }
+  ]
+
+  # Policy
+  policy_name        = "example"
+  policy_description = "Example network firewall policy"
+
+  policy_stateful_rule_group_reference = {
+    one = {
+      priority     = 0
+      resource_arn = "arn:aws:network-firewall:us-east-1:1234567890:stateful-rulegroup/example"
+    }
+  }
 
+  policy_stateless_default_actions          = ["aws:pass"]
+  policy_stateless_fragment_default_actions = ["aws:drop"]
+  policy_stateless_rule_group_reference = {
+    one = {
+      priority     = 0
+      resource_arn = "arn:aws:network-firewall:us-east-1:1234567890:stateless-rulegroup/example"
+    }
+  }
 
   tags = {
     Terraform   = "true"
@@ -19,11 +80,13 @@ module "network_firewall" {
 }
 ```
 
+
 ## Examples
 
 Examples codified under the [`examples`](https://github.com/clowdhaus/terraform-aws-network-firewall/tree/main/examples) are intended to give users references for how to use the module(s) as well as testing/validating changes to the source code of the module. If contributing to the project, please be sure to make any appropriate updates to the relevant examples to allow maintainers to test your changes and to keep the examples up to date for users. Thank you!
 
 - [Complete](https://github.com/clowdhaus/terraform-aws-network-firewall/tree/main/examples/complete)
+- [Separate](https://github.com/clowdhaus/terraform-aws-network-firewall/tree/main/examples/separate)
 
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements
 
@@ -57,7 +57,25 @@ No inputs.
 
 ## Outputs
 
-No outputs.
+| Name | Description |
+|------|-------------|
+| <a name="output_firewall_arn"></a> [firewall\_arn](#output\_firewall\_arn) | The Amazon Resource Name (ARN) that identifies the firewall |
+| <a name="output_firewall_id"></a> [firewall\_id](#output\_firewall\_id) | The Amazon Resource Name (ARN) that identifies the firewall |
+| <a name="output_firewall_logging_configuration_id"></a> [firewall\_logging\_configuration\_id](#output\_firewall\_logging\_configuration\_id) | The Amazon Resource Name (ARN) of the associated firewall |
+| <a name="output_firewall_policy_arn"></a> [firewall\_policy\_arn](#output\_firewall\_policy\_arn) | The Amazon Resource Name (ARN) that identifies the firewall policy |
+| <a name="output_firewall_policy_id"></a> [firewall\_policy\_id](#output\_firewall\_policy\_id) | The Amazon Resource Name (ARN) that identifies the firewall policy |
+| <a name="output_firewall_policy_resource_policy_id"></a> [firewall\_policy\_resource\_policy\_id](#output\_firewall\_policy\_resource\_policy\_id) | The Amazon Resource Name (ARN) of the firewall policy associated with the resource policy |
+| <a name="output_firewall_policy_update_token"></a> [firewall\_policy\_update\_token](#output\_firewall\_policy\_update\_token) | A string token used when updating a firewall policy |
+| <a name="output_firewall_rule_group_stateful_arn"></a> [firewall\_rule\_group\_stateful\_arn](#output\_firewall\_rule\_group\_stateful\_arn) | The Amazon Resource Name (ARN) that identifies the rule group |
+| <a name="output_firewall_rule_group_stateful_id"></a> [firewall\_rule\_group\_stateful\_id](#output\_firewall\_rule\_group\_stateful\_id) | The Amazon Resource Name (ARN) that identifies the rule group |
+| <a name="output_firewall_rule_group_stateful_resource_policy_id"></a> [firewall\_rule\_group\_stateful\_resource\_policy\_id](#output\_firewall\_rule\_group\_stateful\_resource\_policy\_id) | The Amazon Resource Name (ARN) of the rule group associated with the resource policy |
+| <a name="output_firewall_rule_group_stateful_update_token"></a> [firewall\_rule\_group\_stateful\_update\_token](#output\_firewall\_rule\_group\_stateful\_update\_token) | A string token used when updating the rule group |
+| <a name="output_firewall_rule_group_stateless_arn"></a> [firewall\_rule\_group\_stateless\_arn](#output\_firewall\_rule\_group\_stateless\_arn) | The Amazon Resource Name (ARN) that identifies the rule group |
+| <a name="output_firewall_rule_group_stateless_id"></a> [firewall\_rule\_group\_stateless\_id](#output\_firewall\_rule\_group\_stateless\_id) | The Amazon Resource Name (ARN) that identifies the rule group |
+| <a name="output_firewall_rule_group_stateless_resource_policy_id"></a> [firewall\_rule\_group\_stateless\_resource\_policy\_id](#output\_firewall\_rule\_group\_stateless\_resource\_policy\_id) | The Amazon Resource Name (ARN) of the rule group associated with the resource policy |
+| <a name="output_firewall_rule_group_stateless_update_token"></a> [firewall\_rule\_group\_stateless\_update\_token](#output\_firewall\_rule\_group\_stateless\_update\_token) | A string token used when updating the rule group |
+| <a name="output_firewall_status"></a> [firewall\_status](#output\_firewall\_status) | Nested list of information about the current status of the firewall |
+| <a name="output_firewall_update_token"></a> [firewall\_update\_token](#output\_firewall\_update\_token) | A string token used when updating a firewall |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
 Apache-2.0 Licensed. See [LICENSE](https://github.com/clowdhaus/terraform-aws-network-firewall/blob/main/LICENSE).
@@ -0,0 +1,104 @@
+################################################################################
+# Firewall
+################################################################################
+
+output "firewall_id" {
+  description = "The Amazon Resource Name (ARN) that identifies the firewall"
+  value       = module.network_firewall.id
+}
+
+output "firewall_arn" {
+  description = "The Amazon Resource Name (ARN) that identifies the firewall"
+  value       = module.network_firewall.arn
+}
+
+output "firewall_status" {
+  description = "Nested list of information about the current status of the firewall"
+  value       = module.network_firewall.status
+}
+
+output "firewall_update_token" {
+  description = "A string token used when updating a firewall"
+  value       = module.network_firewall.update_token
+}
+
+################################################################################
+# Firewall Logging Configuration
+################################################################################
+
+output "firewall_logging_configuration_id" {
+  description = "The Amazon Resource Name (ARN) of the associated firewall"
+  value       = module.network_firewall.logging_configuration_id
+}
+
+################################################################################
+# Firewall Policy
+################################################################################
+
+output "firewall_policy_id" {
+  description = "The Amazon Resource Name (ARN) that identifies the firewall policy"
+  value       = module.network_firewall.policy_id
+}
+
+output "firewall_policy_arn" {
+  description = "The Amazon Resource Name (ARN) that identifies the firewall policy"
+  value       = module.network_firewall.policy_arn
+}
+
+output "firewall_policy_update_token" {
+  description = "A string token used when updating a firewall policy"
+  value       = module.network_firewall.policy_update_token
+}
+
+output "firewall_policy_resource_policy_id" {
+  description = "The Amazon Resource Name (ARN) of the firewall policy associated with the resource policy"
+  value       = module.network_firewall.policy_resource_policy_id
+}
+
+################################################################################
+# Rule Group - Stateful
+################################################################################
+
+output "firewall_rule_group_stateful_id" {
+  description = "The Amazon Resource Name (ARN) that identifies the rule group"
+  value       = module.network_firewall_rule_group_stateful.id
+}
+
+output "firewall_rule_group_stateful_arn" {
+  description = "The Amazon Resource Name (ARN) that identifies the rule group"
+  value       = module.network_firewall_rule_group_stateful.arn
+}
+
+output "firewall_rule_group_stateful_update_token" {
+  description = "A string token used when updating the rule group"
+  value       = module.network_firewall_rule_group_stateful.update_token
+}
+
+output "firewall_rule_group_stateful_resource_policy_id" {
+  description = "The Amazon Resource Name (ARN) of the rule group associated with the resource policy"
+  value       = module.network_firewall_rule_group_stateful.resource_policy_id
+}
+
+################################################################################
+# Rule Group - Stateless
+################################################################################
+
+output "firewall_rule_group_stateless_id" {
+  description = "The Amazon Resource Name (ARN) that identifies the rule group"
+  value       = module.network_firewall_rule_group_stateless.id
+}
+
+output "firewall_rule_group_stateless_arn" {
+  description = "The Amazon Resource Name (ARN) that identifies the rule group"
+  value       = module.network_firewall_rule_group_stateless.arn
+}
+
+output "firewall_rule_group_stateless_update_token" {
+  description = "A string token used when updating the rule group"
+  value       = module.network_firewall_rule_group_stateless.update_token
+}
+
+output "firewall_rule_group_stateless_resource_policy_id" {
+  description = "The Amazon Resource Name (ARN) of the rule group associated with the resource policy"
+  value       = module.network_firewall_rule_group_stateless.resource_policy_id
+}