diff --git a/catalog/aws/airflow/README.md b/catalog/aws/airflow/README.md
index 8a79c0f8..ac8dd4d0 100644
--- a/catalog/aws/airflow/README.md
+++ b/catalog/aws/airflow/README.md
@@ -12,25 +12,25 @@ Airflow is an open source platform to programmatically author, schedule and moni
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| container\_command | n/a | `string` | n/a | yes |
+| container\_command | The command to run on the Airflow container. | `string` | n/a | yes |
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
| github\_repo\_ref | The git repo reference to clone onto the airflow server | `string` | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| container\_image | n/a | `string` | `"airflow"` | no |
-| container\_num\_cores | n/a | `number` | `2` | no |
-| container\_ram\_gb | n/a | `number` | `4` | no |
-| environment\_secrets | n/a | `map(string)` | `{}` | no |
-| environment\_vars | n/a | `map(string)` | `{}` | no |
+| container\_image | Optional. Overrides the docker image used for Airflow execution. | `string` | `"airflow"` | no |
+| container\_num\_cores | Optional. The number of CPU cores. | `number` | `2` | no |
+| container\_ram\_gb | Optional. The amount of RAM to use, in GB. | `number` | `4` | no |
+| environment\_secrets | A map of environment variable secrets to pass to the airflow image. Each secret value should be either a
Secrets Manager URI or a local JSON or YAML file reference in the form `/path/to/file.yml:name_of_secret`. | `map(string)` | `{}` | no |
+| environment\_vars | A map of environment variables to pass to the Airflow image. | `map(string)` | `{}` | no |
## Outputs
| Name | Description |
|------|-------------|
-| airflow\_url | n/a |
-| logging\_url | n/a |
-| server\_launch\_cli | n/a |
-| summary | n/a |
+| airflow\_url | Link to the airflow web UI. |
+| logging\_url | Link to Airflow logs in Cloudwatch. |
+| server\_launch\_cli | Command to launch the Airflow web server via ECS. |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/catalog/aws/data-lake/README.md b/catalog/aws/data-lake/README.md
index 9a8865ce..b90dab1d 100644
--- a/catalog/aws/data-lake/README.md
+++ b/catalog/aws/data-lake/README.md
@@ -24,10 +24,10 @@ trigger automatically when new content is added.
| Name | Description |
|------|-------------|
-| s3\_data\_bucket | n/a |
-| s3\_logging\_bucket | n/a |
-| s3\_metadata\_bucket | n/a |
-| summary | n/a |
+| s3\_data\_bucket | The S3 bucket used for data storage. |
+| s3\_logging\_bucket | The S3 bucket used for log file storage. |
+| s3\_metadata\_bucket | The S3 bucket used for metadata file storage. |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/catalog/aws/dbt/README.md b/catalog/aws/dbt/README.md
index 8700202f..87e42e40 100644
--- a/catalog/aws/dbt/README.md
+++ b/catalog/aws/dbt/README.md
@@ -12,27 +12,27 @@ DBT (Data Built Tool) is a CI/CD and DevOps-friendly platform for automating dat
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| container\_entrypoint | n/a | `any` | n/a | yes |
-| dbt\_run\_command | n/a | `string` | n/a | yes |
+| container\_entrypoint | Optional. Overrides the docker image entrypoint. | `any` | n/a | yes |
+| dbt\_run\_command | Optional. The default command to run when executing DBT. | `string` | n/a | yes |
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
| scheduled\_refresh\_interval | A rate string, e.g. '5 minutes'. This is in addition to any other scheduled executions. | `string` | n/a | yes |
-| admin\_cidr | n/a | `list` | `[]` | no |
-| container\_image | n/a | `string` | `"slalomggp/dataops"` | no |
-| container\_num\_cores | n/a | `number` | `4` | no |
-| container\_ram\_gb | n/a | `number` | `16` | no |
-| dbt\_project\_git\_repo | n/a | `string` | `"git+https://github.com/slalom-ggp/dataops-project-template.git"` | no |
+| admin\_cidr | Optional. The range of IP addresses which should be able to access the DBT instance. Defaults to the local user's current IP. | `list` | `[]` | no |
+| container\_image | Optional. A docker image to override the default image. | `string` | `"slalomggp/dataops"` | no |
+| container\_num\_cores | Optional. Overrides the number of CPU cores used. | `number` | `4` | no |
+| container\_ram\_gb | Optional. Overrides the RAM used (in GB). | `number` | `16` | no |
+| dbt\_project\_git\_repo | Optional. A git repo to download to the local image which contains DBT transforms information. | `string` | `"git+https://github.com/slalom-ggp/dataops-project-template.git"` | no |
| environment\_secrets | Mapping of environment variable names to secret manager ARNs.
e.g. arn:aws:secretsmanager:[aws\_region]:[aws\_account]:secret:prod/ECSRunner/AWS\_SECRET\_ACCESS\_KEY | `map(string)` | `{}` | no |
| environment\_vars | Mapping of environment variable names to their values. | `map(string)` | `{}` | no |
| scheduled\_refresh\_times | A list of schedule strings in 6-part cron notation. For help creating cron schedule codes: https://crontab.guru | `list(string)` | `[]` | no |
-| scheduled\_timezone | n/a | `string` | `"PT"` | no |
+| scheduled\_timezone | The timezone code with which to evaluate execution schedule(s). | `string` | `"PT"` | no |
## Outputs
| Name | Description |
|------|-------------|
-| summary | n/a |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/catalog/aws/environment/README.md b/catalog/aws/environment/README.md
index 3432ca70..895520c0 100644
--- a/catalog/aws/environment/README.md
+++ b/catalog/aws/environment/README.md
@@ -13,25 +13,25 @@ from this module is designed to be passed easily to downstream modules, streamli
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| aws\_profile | Optional, unless set at the main AWS provider level in which case it is required. | `string` | n/a | yes |
-| aws\_region | n/a | `any` | n/a | yes |
+| aws\_profile | The name of the AWS profile to use. Optional unless set at the main AWS provider level, in which case it is required. | `string` | n/a | yes |
+| aws\_region | Optional, used for multi-region deployments. Overrides the contextual AWS region with the region code provided. | `any` | n/a | yes |
| environment | Standard `environment` module input. (Ignored for the `environment` module.) | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| secrets\_folder | n/a | `string` | n/a | yes |
+| secrets\_folder | Path to the secrets folder (used when initializing the AWS provider.) | `string` | n/a | yes |
| disabled | As a workaround for unsupported 'count' feature in terraform modules, this switch can be used to disable the module entirely. | `bool` | `false` | no |
## Outputs
| Name | Description |
|------|-------------|
-| aws\_credentials\_file | n/a |
-| environment | n/a |
-| is\_windows\_host | n/a |
-| ssh\_private\_key\_filename | n/a |
-| ssh\_public\_key\_filename | n/a |
-| summary | n/a |
-| user\_home | n/a |
+| aws\_credentials\_file | Path to AWS credentials file for the project. |
+| environment | The `environment` object to be passed as a standard input to other Infrastructure Catalog modules. |
+| is\_windows\_host | True if running on a Windows machine, otherwise False. |
+| ssh\_private\_key\_filename | Path to private key for SSH connections. |
+| ssh\_public\_key\_filename | Path to public key for SSH connections. |
+| summary | Summary of resources created by this module. |
+| user\_home | Path to the admin user's home directory. |
---------------------
diff --git a/catalog/aws/mysql/README.md b/catalog/aws/mysql/README.md
index aeb19d0c..f8f48e8d 100644
--- a/catalog/aws/mysql/README.md
+++ b/catalog/aws/mysql/README.md
@@ -14,25 +14,25 @@ Deploys a MySQL server running on RDS.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| admin\_password | Must be 8 characters long. | `string` | n/a | yes |
-| admin\_username | n/a | `string` | n/a | yes |
+| admin\_password | The initial admin password. Must be 8 characters long. | `string` | n/a | yes |
+| admin\_username | The initial admin username. | `string` | n/a | yes |
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
-| kms\_key\_id | n/a | `string` | n/a | yes |
+| kms\_key\_id | Optional. The ARN for the KMS encryption key used in cluster encryption. | `string` | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| identifier | n/a | `string` | `"rds-db"` | no |
-| instance\_class | Enter the desired node type. The default and cheapest option is 'db.t2.micro' @ ~$0.017/hr. Alternatively, the cost/month @ ~$12.25/mo. (https://aws.amazon.com/rds/mysql/pricing/ ) | `string` | `"db.t2.micro"` | no |
-| jdbc\_port | n/a | `number` | `3306` | no |
-| mysql\_version | n/a | `string` | `"5.7.26"` | no |
-| skip\_final\_snapshot | n/a | `bool` | `false` | no |
-| storage\_size\_in\_gb | The allocated storage value is denoted in GB | `string` | `"20"` | no |
+| identifier | The database name which will be used within connection strings and URLs. | `string` | `"rds-db"` | no |
+| instance\_class | Enter the desired node type. The default and cheapest option is 'db.t2.micro' @ ~$0.017/hr, or ~$120/mo (https://aws.amazon.com/rds/mysql/pricing/ ) | `string` | `"db.t2.micro"` | no |
+| jdbc\_port | Optional. Overrides the default JDBC port for incoming SQL connections. | `number` | `3306` | no |
+| mysql\_version | Optional. The specific MySQL version to use. | `string` | `"5.7.26"` | no |
+| skip\_final\_snapshot | If true, will allow terraform to destroy the RDS cluster without performing a final backup. | `bool` | `false` | no |
+| storage\_size\_in\_gb | The allocated storage value is denoted in GB. | `string` | `"20"` | no |
## Outputs
| Name | Description |
|------|-------------|
-| endpoint | n/a |
-| summary | n/a |
+| endpoint | The MySQL connection endpoint for the new server. |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/catalog/aws/postgres/README.md b/catalog/aws/postgres/README.md
index 352fdd6d..e5a2db07 100644
--- a/catalog/aws/postgres/README.md
+++ b/catalog/aws/postgres/README.md
@@ -14,28 +14,28 @@ Deploys a Postgres server running on RDS.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| admin\_password | Must be 8 characters long. | `string` | n/a | yes |
-| admin\_username | n/a | `string` | n/a | yes |
-| elastic\_ip | n/a | `string` | n/a | yes |
+| admin\_password | The initial admin password. Must be 8 characters long. | `string` | n/a | yes |
+| admin\_username | The initial admin username. | `string` | n/a | yes |
+| elastic\_ip | Optional. An Elastic IP endpoint which will be used to for routing incoming traffic. | `string` | n/a | yes |
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
-| kms\_key\_id | n/a | `string` | n/a | yes |
+| kms\_key\_id | Optional. The ARN for the KMS encryption key used in cluster encryption. | `string` | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| s3\_logging\_bucket | n/a | `string` | n/a | yes |
-| s3\_logging\_path | n/a | `string` | n/a | yes |
-| identifier | n/a | `string` | `"rds-postgres-db"` | no |
-| instance\_class | Enter the desired node type. The default and cheapest option is 'db.t2.micro' @ ~$0.017/hr (https://aws.amazon.com/rds/mysql/pricing/ ) | `string` | `"db.t2.micro"` | no |
-| jdbc\_port | n/a | `number` | `5432` | no |
-| postgres\_version | n/a | `string` | `"11.5"` | no |
-| skip\_final\_snapshot | n/a | `bool` | `false` | no |
+| s3\_logging\_bucket | Optional. An S3 bucket to use for log collection. | `string` | n/a | yes |
+| s3\_logging\_path | Required if `s3_logging_bucket` is set. The path within the S3 bucket to use for log storage. | `string` | n/a | yes |
+| identifier | The database name which will be used within connection strings and URLs. | `string` | `"rds-postgres-db"` | no |
+| instance\_class | Enter the desired node type. The default and cheapest option is 'db.t2.micro' @ ~$0.017/hr, or ~$120/mo (https://aws.amazon.com/rds/mysql/pricing/ ) | `string` | `"db.t2.micro"` | no |
+| jdbc\_port | Optional. Overrides the default JDBC port for incoming SQL connections. | `number` | `5432` | no |
+| postgres\_version | Optional. Overrides the version of the Postres database engine. | `string` | `"11.5"` | no |
+| skip\_final\_snapshot | If true, will allow terraform to destroy the RDS cluster without performing a final backup. | `bool` | `false` | no |
| storage\_size\_in\_gb | The allocated storage value is denoted in GB | `string` | `"10"` | no |
## Outputs
| Name | Description |
|------|-------------|
-| endpoint | n/a |
-| summary | n/a |
+| endpoint | The Postgres connection endpoint for the new server. |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/catalog/aws/redshift/README.md b/catalog/aws/redshift/README.md
index e17f0934..88098958 100644
--- a/catalog/aws/redshift/README.md
+++ b/catalog/aws/redshift/README.md
@@ -12,25 +12,25 @@ Redshift is an AWS database platform which applies MPP (Massively-Parallel-Proce
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| admin\_password | Must be 8 characters long. | `string` | n/a | yes |
-| elastic\_ip | n/a | `string` | n/a | yes |
+| admin\_password | The initial admin password. Must be 8 characters long. | `string` | n/a | yes |
+| elastic\_ip | Optional. An Elastic IP endpoint which will be used to for routing incoming traffic. | `string` | n/a | yes |
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
-| kms\_key\_id | n/a | `string` | n/a | yes |
+| kms\_key\_id | Optional. The ARN for the KMS encryption key used in cluster encryption. | `string` | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| s3\_logging\_bucket | n/a | `string` | n/a | yes |
-| s3\_logging\_path | n/a | `string` | n/a | yes |
-| jdbc\_port | n/a | `number` | `5439` | no |
-| node\_type | Enter the desired node type. The default and cheapest option is 'dc2.large' @ ~$0.25/hr (https://aws.amazon.com/redshift/pricing/) | `string` | `"dc2.large"` | no |
-| num\_nodes | n/a | `number` | `1` | no |
-| skip\_final\_snapshot | n/a | `bool` | `false` | no |
+| s3\_logging\_bucket | Optional. An S3 bucket to use for log collection. | `string` | n/a | yes |
+| s3\_logging\_path | Required if `s3_logging_bucket` is set. The path within the S3 bucket to use for log storage. | `string` | n/a | yes |
+| jdbc\_port | Optional. Overrides the default JDBC port for incoming SQL connections. | `number` | `5439` | no |
+| node\_type | Enter the desired node type. The default and cheapest option is 'dc2.large' @ ~$0.25/hr, ~$180/mo (https://aws.amazon.com/redshift/pricing/) | `string` | `"dc2.large"` | no |
+| num\_nodes | Optional (default=1). The number of Redshift nodes to use. | `number` | `1` | no |
+| skip\_final\_snapshot | If true, will allow terraform to destroy the RDS cluster without performing a final backup. | `bool` | `false` | no |
## Outputs
| Name | Description |
|------|-------------|
-| endpoint | n/a |
-| summary | n/a |
+| endpoint | The Redshift connection endpoint for the new server. |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/catalog/aws/singer-taps/README.md b/catalog/aws/singer-taps/README.md
index a6698b82..aaf335b7 100644
--- a/catalog/aws/singer-taps/README.md
+++ b/catalog/aws/singer-taps/README.md
@@ -12,9 +12,9 @@ The Singer Taps platform is the open source stack which powers the [Stitcher](ht
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| container\_command | n/a | `any` | n/a | yes |
-| container\_entrypoint | n/a | `any` | n/a | yes |
-| container\_image | n/a | `any` | n/a | yes |
+| container\_command | Optional. Override the docker image's command. | `any` | n/a | yes |
+| container\_entrypoint | Optional. Override the docker image's entrypoint. | `any` | n/a | yes |
+| container\_image | Optional. Override the docker image with a custom-managed image. | `any` | n/a | yes |
| data\_lake\_metadata\_path | The remote folder for storing tap definitions files.
Currently only S3 paths (s3://...) are supported. | `string` | n/a | yes |
| data\_lake\_storage\_path | The path to where files should be stored in the data lake.
Note: - currently only S3 paths (S3://...) are supported.data - You must specify `target` or `data_lake_storage_path` but not both. | `string` | n/a | yes |
| data\_lake\_type | Specify `S3` if loading to an S3 data lake, otherwise leave blank. | `any` | n/a | yes |
@@ -22,20 +22,20 @@ The Singer Taps platform is the open source stack which powers the [Stitcher](ht
| local\_metadata\_path | The local folder which countains tap definitions files: `data.select` and `plan-*.yml` | `string` | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| taps | n/a | list(object({
id = string
settings = map(string)
secrets = map(string)
})) | n/a | yes |
+| taps | A list of objects with the keys `id` (the name of the tap without the 'tap-' prefix), `settings` (a map of tap settings to their desired values), and `secrets` (same as `settings` but mapping setting names to the location of the secret and not the secret
values themselves) | list(object({
id = string
settings = map(string)
secrets = map(string)
})) | n/a | yes |
| target | The definition of which target to load data into.
Note: You must specify `target` or `data_lake_storage_path` but not both. | object({
id = string
settings = map(string)
secrets = map(string)
}) | n/a | yes |
-| container\_num\_cores | n/a | `number` | `0.5` | no |
-| container\_ram\_gb | n/a | `number` | `1` | no |
-| data\_file\_naming\_scheme | n/a | `string` | `"{tap}/{table}/v{version}/{file}"` | no |
+| container\_num\_cores | Optional. Specify the number of cores to use in the container. | `number` | `0.5` | no |
+| container\_ram\_gb | Optional. Specify the amount of RAM to be available to the container. | `number` | `1` | no |
+| data\_file\_naming\_scheme | The naming pattern to use when landing new files in the data lake. Allowed variables are: `{tap}`, `{table}`, `{version}`, and `{file}`" | `string` | `"{tap}/{table}/v{version}/{file}"` | no |
| scheduled\_sync\_times | A list of one or more daily sync times in `HHMM` format. E.g.: `0400` for 4am, `1600` for 4pm | `list(string)` | `[]` | no |
| scheduled\_timezone | The timezone used in scheduling.
Currently the following codes are supported: PST, EST, UTC | `string` | `"PT"` | no |
-| state\_file\_naming\_scheme | n/a | `string` | `"{tap}/{table}/state/{tap}-{table}-v{version}-state.json"` | no |
+| state\_file\_naming\_scheme | The naming pattern to use when writing or updating state files. State files keep track of
data recency and are necessary for incremental loading. Allowed variables are: `{tap}`, `{table}`, `{version}`, and `{file}`" | `string` | `"{tap}/{table}/state/{tap}-{table}-v{version}-state.json"` | no |
## Outputs
| Name | Description |
|------|-------------|
-| summary | n/a |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/catalog/aws/tableau-server/README.md b/catalog/aws/tableau-server/README.md
index 08914a00..b39602d6 100644
--- a/catalog/aws/tableau-server/README.md
+++ b/catalog/aws/tableau-server/README.md
@@ -16,31 +16,31 @@ The module supports both Linux and Windows versions of the Tableau Server Softwa
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| admin\_cidr | n/a | `list` | `[]` | no |
-| app\_cidr | n/a | `list` | [
"0.0.0.0/0"
]
| no |
-| ec2\_instance\_storage\_gb | n/a | `number` | `100` | no |
-| ec2\_instance\_type | n/a | `string` | `"m4.4xlarge"` | no |
-| linux\_https\_domain | n/a | `string` | `""` | no |
-| linux\_use\_https | n/a | `bool` | `false` | no |
-| num\_linux\_instances | n/a | `number` | `1` | no |
-| num\_windows\_instances | n/a | `number` | `0` | no |
-| registration\_file | n/a | `string` | `"../../.secrets/registration.json"` | no |
-| windows\_https\_domain | n/a | `string` | `""` | no |
-| windows\_use\_https | n/a | `bool` | `false` | no |
+| admin\_cidr | Optional. The IP address range(s) which should have access to the admin
on the Tableau Server instances. By default this will default to only allow
connections from the terraform user's current IP address. | `list` | `[]` | no |
+| app\_cidr | Optional. The IP address range(s) which should have access to the view the
Tableau Server web instance (excluding the TMS admin portal and other admin
ports). If not set, this will default to allow incoming connections from
any IP address (['0.0.0.0/0']). In general, this should be omitted unless the
site has a VPN or other internal list of IP whitelist ranges. | `list` | [
"0.0.0.0/0"
]
| no |
+| ec2\_instance\_storage\_gb | The amount of storage to provision on each instance, in GB. | `number` | `100` | no |
+| ec2\_instance\_type | Optional. Overrides the Tableau Server instance type. | `string` | `"m4.4xlarge"` | no |
+| linux\_https\_domain | The https domain if the Linux instances should use HTTPS. | `string` | `""` | no |
+| linux\_use\_https | True if the Linux instances should use HTTPS. | `bool` | `false` | no |
+| num\_linux\_instances | The number of Tableau Server instances to create on Linux. | `number` | `1` | no |
+| num\_windows\_instances | The number of Tableau Server instances to create on Windows. | `number` | `0` | no |
+| registration\_file | A path to a local or remote file for Tableau registration. | `string` | `"../../.secrets/registration.json"` | no |
+| windows\_https\_domain | The https domain if the Windows instances should use HTTPS. | `string` | `""` | no |
+| windows\_use\_https | True if the Windows instances should use HTTPS. | `bool` | `false` | no |
## Outputs
| Name | Description |
|------|-------------|
-| ec2\_instance\_ids | n/a |
-| ec2\_instance\_private\_ips | n/a |
-| ec2\_instance\_public\_ips | n/a |
-| ec2\_instance\_states | n/a |
-| ec2\_remote\_admin\_commands | n/a |
-| ec2\_windows\_instance\_passwords | n/a |
-| ssh\_private\_key\_path | n/a |
-| ssh\_public\_key\_path | n/a |
-| summary | output "ssh\_key\_name" { value = var.num\_linux\_instances == 0 ? "n/a" : module.linux\_tableau\_servers[0].key\_name } TODO: Detect EC2 Pricing output "ec2\_instance\_hr\_base\_price" { # estimated base price of the (linux) instance type, excluding upcharge for Windows instance and excluding any special pricing or reservation discounts. value = module.linux\_tableau\_servers.instance\_hr\_list\_price } |
+| ec2\_instance\_ids | The EC2 intance ID(s) created by the module. |
+| ec2\_instance\_private\_ips | The private IP address for each EC2 instance. |
+| ec2\_instance\_public\_ips | The public IP address for each EC2 instance (if applicable). |
+| ec2\_instance\_states | The current EC2 instance status for each Tableau Server instance, as of time of plan execution. |
+| ec2\_remote\_admin\_commands | Command line command to connect to the Tableau Server instance(s) via RDP or SSH. |
+| ec2\_windows\_instance\_passwords | The admin passwords for Windows instances (if applicable). |
+| ssh\_private\_key\_path | Local path to private key file for connecting to the server via SSH. |
+| ssh\_public\_key\_path | Local path to public key file for connecting to the server via SSH. |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/components/aws/ec2/README.md b/components/aws/ec2/README.md
index 40c5e560..b8d5d39a 100644
--- a/components/aws/ec2/README.md
+++ b/components/aws/ec2/README.md
@@ -13,42 +13,42 @@ credentials (passwords and/or SSH keypairs) needed to connect to the instances.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| ami\_name\_filter | n/a | `string` | n/a | yes |
+| ami\_name\_filter | A name filter used when searching for the EC2 AMI ('\*' used as wildcard). | `string` | n/a | yes |
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
-| instance\_type | n/a | `string` | n/a | yes |
+| instance\_type | The desired EC2 instance type. | `string` | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| ssh\_key\_name | n/a | `string` | n/a | yes |
-| ssh\_private\_key\_filepath | n/a | `string` | n/a | yes |
-| admin\_cidr | n/a | `list` | `[]` | no |
-| admin\_ports | n/a | `map` | {
"SSH": "22"
} | no |
-| ami\_owner | n/a | `string` | `"amazon"` | no |
-| app\_cidr | n/a | `list` | [
"0.0.0.0/0"
]
| no |
-| app\_ports | map of port descriptions to port numbers (e.g. 22) or ranges (e.g. '0:65535') | `map` | `{}` | no |
+| ssh\_key\_name | The name of a SSH key pair which has been uploaded to AWS. This is used to access Linux instances remotely. | `string` | n/a | yes |
+| ssh\_private\_key\_filepath | The local private key file for the SSH key pair which has been uploaded to AWS. This is used to access Linux instances remotely. | `string` | n/a | yes |
+| admin\_cidr | Optional. The IP address range(s) which should have access to the admin
on the instance(s). By default this will default to only allow connections
from the terraform user's current IP address. | `list` | `[]` | no |
+| admin\_ports | A map defining the admin ports which should be goverened by `admin_cidr`. Single ports (e.g. '22') and port ranges (e.g. '0:65535') and both supported. | `map` | {
"SSH": "22"
} | no |
+| ami\_owner | The name or account number of the owner who publishes the AMI. | `string` | `"amazon"` | no |
+| app\_cidr | Optional. The IP address range(s) which should have access to the non-admin ports (such as end-user http portal). If not set, this will default to allow incoming
connections from any IP address (['0.0.0.0/0']). In general, this should be omitted
unless the site has a VPN or other internal list of IP whitelist ranges. | `list` | [
"0.0.0.0/0"
]
| no |
+| app\_ports | A map defining the end-user ports which should be goverened by `app_cidr`. Single ports (e.g. '22') and port ranges (e.g. '0:65535') and both supported. | `map` | `{}` | no |
| file\_resources | List of files to needed on the instance (e.g. 'http://url/to/remote/file', '/path/to/local/file', '/path/to/local/file:renamed') | `list` | `[]` | no |
-| https\_domain | n/a | `string` | `""` | no |
-| instance\_storage\_gb | n/a | `number` | `100` | no |
-| is\_windows | n/a | `bool` | `false` | no |
-| num\_instances | n/a | `number` | `1` | no |
-| use\_https | n/a | `bool` | `false` | no |
+| https\_domain | If `use_https` = True, the https domain for secure web traffic. | `string` | `""` | no |
+| instance\_storage\_gb | The desired EC2 instance storage, in GB. | `number` | `100` | no |
+| is\_windows | True to launch a Windows instance, otherwise False. | `bool` | `false` | no |
+| num\_instances | The number of EC2 instances to launch. | `number` | `1` | no |
+| use\_https | True to enable https traffic on the instance. | `bool` | `false` | no |
## Outputs
| Name | Description |
|------|-------------|
-| instance\_id | n/a |
-| instance\_ids | n/a |
-| instance\_state | n/a |
-| instance\_states | n/a |
-| private\_ip | n/a |
-| private\_ips | n/a |
-| public\_ip | TODO: Detect EC2 Pricing output "instance\_hr\_list\_price" { value = local.price\_per\_instance\_hr } |
-| public\_ips | n/a |
-| remote\_admin\_commands | n/a |
-| ssh\_key\_name | n/a |
-| ssh\_private\_key\_path | n/a |
-| ssh\_public\_key\_path | n/a |
-| windows\_instance\_passwords | n/a |
+| instance\_id | The instance ID (if `num_instances` == 1). |
+| instance\_ids | The list of instance ID created. |
+| instance\_state | The state of the instance at time of apply (if `num_instances` == 1). |
+| instance\_states | A map of instance IDs to the state of each instance at time of apply. |
+| private\_ip | The private IP address (if `num_instances` == 1) |
+| private\_ips | A map of EC2 instance IDs to private IP addresses. |
+| public\_ip | The public IP address (if applicable, and if `num_instances` == 1) |
+| public\_ips | A map of EC2 instance IDs to public IP addresses (if applicable). |
+| remote\_admin\_commands | A map of instance IDs to command-line strings which can be used to connect to each instance. |
+| ssh\_key\_name | The SSH key name for EC2 remote access. |
+| ssh\_private\_key\_path | The local path to the private key file used for EC2 remote access. |
+| ssh\_public\_key\_path | The local path to the public key file used for EC2 remote access. |
+| windows\_instance\_passwords | A map of instance IDs to Windows passwords (if applicable). |
---------------------
diff --git a/components/aws/ecr/README.md b/components/aws/ecr/README.md
index e14f5802..fe1fa908 100644
--- a/components/aws/ecr/README.md
+++ b/components/aws/ecr/README.md
@@ -14,18 +14,18 @@ should not be accessible to external users.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
-| image\_name | n/a | `any` | n/a | yes |
+| image\_name | Required. The default name for the docker image. (Will be concatenated with `repository_name`.) | `string` | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
-| repository\_name | n/a | `any` | n/a | yes |
+| repository\_name | Required. A name for the ECR respository. (Will be concatenated with `image_name`.) | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
## Outputs
| Name | Description |
|------|-------------|
-| ecr\_image\_url | n/a |
-| ecr\_repo\_arn | n/a |
-| ecr\_repo\_root | n/a |
+| ecr\_image\_url | The full path to the ECR image, including image name. |
+| ecr\_repo\_arn | The unique ID (ARN) of the ECR repo. |
+| ecr\_repo\_root | The path to the ECR repo, excluding image name. |
---------------------
diff --git a/components/aws/ecs-cluster/README.md b/components/aws/ecs-cluster/README.md
index 83c451a3..82590afe 100644
--- a/components/aws/ecs-cluster/README.md
+++ b/components/aws/ecs-cluster/README.md
@@ -19,16 +19,16 @@ Use in combination with the `ECS-Task` component.
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| ec2\_instance\_count | n/a | `number` | `0` | no |
-| ec2\_instance\_type | n/a | `string` | `"m4.xlarge"` | no |
+| ec2\_instance\_count | Optional. Number of 'always-on' EC2 instances. (Default is 0, meaning no always-on EC2 resources.). | `number` | `0` | no |
+| ec2\_instance\_type | Optional. Overrides default instance type if using always-on EC2 instances (i.e. `ec2_instance_count` > 0). | `string` | `"m4.xlarge"` | no |
## Outputs
| Name | Description |
|------|-------------|
-| ecs\_cluster\_arn | n/a |
-| ecs\_cluster\_name | n/a |
-| ecs\_instance\_role | n/a |
+| ecs\_cluster\_arn | The unique ID (ARN) of the ECS cluster. |
+| ecs\_cluster\_name | The name of the ECS cluster. |
+| ecs\_instance\_role | The name of the IAM instance role used by the ECS cluster. (Can be used to grant additional permissions.) |
---------------------
diff --git a/components/aws/ecs-task/README.md b/components/aws/ecs-task/README.md
index e7862273..7d7a60b7 100644
--- a/components/aws/ecs-task/README.md
+++ b/components/aws/ecs-task/README.md
@@ -16,41 +16,41 @@ Use in combination with the `ECS-Cluster` component.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| container\_command | n/a | `any` | n/a | yes |
-| container\_entrypoint | n/a | `any` | n/a | yes |
-| container\_image | e.g. [aws\_account\_id].dkr.ecr.[aws\_region].amazonaws.com/[repo\_name] | `any` | n/a | yes |
-| ecs\_cluster\_name | n/a | `string` | n/a | yes |
+| container\_command | Optional. Overrides 'command' for the image. | `any` | n/a | yes |
+| container\_entrypoint | Optional. Overrides the 'entrypoint' for the image. | `any` | n/a | yes |
+| container\_image | e.g. [aws\_account\_id].dkr.ecr.[aws\_region].amazonaws.com/[repo\_name] | `string` | n/a | yes |
+| ecs\_cluster\_name | The name of the ECS Cluster to use. | `string` | n/a | yes |
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
-| load\_balancer\_arn | n/a | `string` | n/a | yes |
+| load\_balancer\_arn | Required only if `use_load_balancer` = True. The load balancer to use for inbound traffic. | `string` | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| permitted\_s3\_buckets | A list of bucket names, to which the ECS task will be granted read/write access. | `list(string)` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| secrets\_manager\_kms\_key\_id | n/a | `string` | n/a | yes |
-| use\_fargate | n/a | `bool` | n/a | yes |
-| admin\_ports | n/a | `list(string)` | [
"8080"
]
| no |
-| always\_on | n/a | `bool` | `false` | no |
-| app\_ports | n/a | `list(string)` | [
"8080"
]
| no |
-| container\_name | n/a | `string` | `"DefaultContainer"` | no |
-| container\_num\_cores | n/a | `string` | `"4"` | no |
-| container\_ram\_gb | n/a | `string` | `"8"` | no |
+| secrets\_manager\_kms\_key\_id | Optional. Overrides the KMS key used when storing secrets in AWS Secrets Manager. | `string` | n/a | yes |
+| admin\_ports | A list of admin ports (to be governed by `admin_cidr`). | `list(string)` | [
"8080"
]
| no |
+| always\_on | True to create an ECS Service with a single 'always-on' task instance. | `bool` | `false` | no |
+| app\_ports | A list of app ports (will be governed by `app_cidr`). | `list(string)` | [
"8080"
]
| no |
+| container\_name | Optional. Overrides the name of the default container. | `string` | `"DefaultContainer"` | no |
+| container\_num\_cores | The number of CPU cores to dedicate to the container. | `string` | `"4"` | no |
+| container\_ram\_gb | The amount of RAM to dedicate to the container. | `string` | `"8"` | no |
| ecs\_launch\_type | 'FARGATE' or 'Standard' | `string` | `"FARGATE"` | no |
| environment\_secrets | Mapping of environment variable names to secret manager ARNs or local file secrets. Examples: - arn:aws:secretsmanager:[aws\_region]:[aws\_account]:secret:prod/ECSRunner/AWS\_SECRET\_ACCESS\_KEY - path/to/file.json:MY\_KEY\_NAME\_1 - path/to/file.yml:MY\_KEY\_NAME\_2 | `map(string)` | `{}` | no |
| environment\_vars | Mapping of environment variable names to their values. | `map(string)` | `{}` | no |
| schedules | A lists of scheduled execution times. | `set(string)` | `[]` | no |
-| use\_load\_balancer | n/a | `bool` | `false` | no |
+| use\_fargate | True to use Fargate for task execution (default), False to use EC2 (classic). | `bool` | `true` | no |
+| use\_load\_balancer | True to receive inbound traffic from the load balancer specified in `load_balancer_arn`. | `bool` | `false` | no |
## Outputs
| Name | Description |
|------|-------------|
-| ecs\_checklogs\_cli | n/a |
-| ecs\_container\_name | n/a |
-| ecs\_logging\_url | n/a |
-| ecs\_runtask\_cli | n/a |
-| ecs\_security\_group | n/a |
-| ecs\_task\_name | n/a |
-| load\_balancer\_arn | n/a |
-| load\_balancer\_dns | n/a |
+| ecs\_checklogs\_cli | Command-ling string used to print Cloudwatch logs locally. |
+| ecs\_container\_name | The name of the task's primary container. |
+| ecs\_logging\_url | Link to Cloudwatch logs for this task. |
+| ecs\_runtask\_cli | Command-line string used to trigger on-demand execution of the Task. |
+| ecs\_security\_group | The name of the EC2 security group used by ECS. |
+| ecs\_task\_name | The name of the ECS task. |
+| load\_balancer\_arn | The unique ID (ARN) of the load balancer (if applicable). |
+| load\_balancer\_dns | The DNS of the load balancer (if applicable). |
---------------------
diff --git a/components/aws/lambda-python/README.md b/components/aws/lambda-python/README.md
index 61cc1a5b..dac3cabc 100644
--- a/components/aws/lambda-python/README.md
+++ b/components/aws/lambda-python/README.md
@@ -19,18 +19,18 @@ S3-based triggers, to run the function automatically whenever a file is landed i
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
| s3\_path\_to\_lambda\_zip | S3 Path to where the source code zip should be uploaded. | `string` | n/a | yes |
-| s3\_trigger\_bucket | variable "dependency\_urls" { description = "If additional files should be packaged into the source code zip, please provide map of relative target paths to their respective download URLs." type = map(string) default = {} } | `string` | n/a | yes |
-| lambda\_source\_folder | Local path to a folder containing the lambda source code | `string` | `"resources/fn_log"` | no |
-| pip\_path | n/a | `string` | `"pip3"` | no |
-| runtime | n/a | `string` | `"python3.8"` | no |
-| s3\_triggers | n/a | map(object({
# function_name = string
triggering_path = string
function_handler = string
environment_vars = map(string)
environment_secrets = map(string)
})) | {
"fn_log": {
"environment_secrets": {},
"environment_vars": {},
"function_handler": "main.lambda_handler",
"triggering_path": "*"
}
} | no |
-| timeout\_seconds | n/a | `number` | `300` | no |
+| s3\_trigger\_bucket | The name of an S3 bucket which will trigger this Lambda function. | `string` | n/a | yes |
+| lambda\_source\_folder | Local path to a folder containing the lambda source code. | `string` | `"resources/fn_log"` | no |
+| pip\_path | The path to a local pip executable, used to package python dependencies. | `string` | `"pip3"` | no |
+| runtime | The python runtime, e.g. `python3.8`. | `string` | `"python3.8"` | no |
+| s3\_triggers | A map of function names to trigger definitions. Each definitions should contain the following attributes: `triggering_path` (the S3 key prefix on the bucket which should trigger the function), `function_handler` (a valid function handler reference, per the AWS Lambda spec), `environment_vars` (a map of environment
variable names to their values), and `environment_secrets` (a map of secret IDs which the lambda function
should be granted access to). | map(object({
# function_name = string
triggering_path = string
function_handler = string
environment_vars = map(string)
environment_secrets = map(string)
})) | {
"fn_log": {
"environment_secrets": {},
"environment_vars": {},
"function_handler": "main.lambda_handler",
"triggering_path": "*"
}
} | no |
+| timeout\_seconds | The amount of time which can pass before the function will timeout and fail execution. | `number` | `300` | no |
## Outputs
| Name | Description |
|------|-------------|
-| build\_temp\_dir | n/a |
+| build\_temp\_dir | Full path to the local folder used to build the python package. |
---------------------
diff --git a/components/aws/rds/README.md b/components/aws/rds/README.md
index bab0b9ad..7224cc3a 100644
--- a/components/aws/rds/README.md
+++ b/components/aws/rds/README.md
@@ -23,26 +23,26 @@ which are built on top of this component module.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| admin\_password | Must be 8 characters long. | `string` | n/a | yes |
-| admin\_username | n/a | `string` | n/a | yes |
+| admin\_password | The initial admin password. Must be 8 characters long. | `string` | n/a | yes |
+| admin\_username | The initial admin username. | `string` | n/a | yes |
| engine | The type of database to launch. E.g.: `aurora`, `aurora-mysql`,`aurora-postgresql`, `mariadb`,`mysql`,`oracle-ee`,`oracle-se2`,`oracle-se1`,`oracle-se`,`postgres`, `sqlserver-ee`,`sqlserver-se`,`sqlserver-ex`,`sqlserver-web`.
Check RDS documentation for updates to the supported list, and for details on each engine type. | `string` | n/a | yes |
-| engine\_version | n/a | `string` | n/a | yes |
+| engine\_version | When paired with `engine`, specifies the version of the database engine to deploy. | `string` | n/a | yes |
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
-| jdbc\_port | n/a | `string` | n/a | yes |
-| kms\_key\_id | n/a | `string` | n/a | yes |
+| jdbc\_port | Optional. Overrides the default JDBC port for incoming SQL connections. | `string` | n/a | yes |
+| kms\_key\_id | Optional. The ARN for the KMS encryption key used in cluster encryption. | `string` | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| identifier | n/a | `string` | `"rds-db"` | no |
-| instance\_class | Enter the desired node type. The default and cheapest option is 'db.t2.micro' @ ~$0.017/hr. Alternatively, the cost/month @ ~$12.25/mo. (https://aws.amazon.com/rds/mysql/pricing/ ) | `string` | `"db.t2.micro"` | no |
-| skip\_final\_snapshot | n/a | `bool` | `false` | no |
+| identifier | The database name which will be used within connection strings and URLs. | `string` | `"rds-db"` | no |
+| instance\_class | Enter the desired node type. The default and cheapest option is 'db.t2.micro' @ ~$0.017/hr, or ~$120/mo (https://aws.amazon.com/rds/mysql/pricing/ ) | `string` | `"db.t2.micro"` | no |
+| skip\_final\_snapshot | If true, will allow terraform to destroy the RDS cluster without performing a final backup. | `bool` | `false` | no |
| storage\_size\_in\_gb | The allocated storage value is denoted in GB | `string` | `"20"` | no |
## Outputs
| Name | Description |
|------|-------------|
-| endpoint | n/a |
-| summary | n/a |
+| endpoint | The connection endpoint for the new RDS instance. |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/components/aws/redshift/README.md b/components/aws/redshift/README.md
index 0f5ba3fa..dc8cb7cf 100644
--- a/components/aws/redshift/README.md
+++ b/components/aws/redshift/README.md
@@ -14,26 +14,26 @@ NOTE: Requires AWS policy 'AmazonRedshiftFullAccess' on the terraform account
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| admin\_password | Must be 8 characters long. | `string` | n/a | yes |
-| elastic\_ip | n/a | `string` | n/a | yes |
+| admin\_password | The initial admin password. Must be 8 characters long. | `string` | n/a | yes |
+| elastic\_ip | Optional. An Elastic IP endpoint which will be used to for routing incoming traffic. | `string` | n/a | yes |
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
-| kms\_key\_id | n/a | `string` | n/a | yes |
+| kms\_key\_id | Optional. The ARN for the KMS encryption key used in cluster encryption. | `string` | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| s3\_logging\_bucket | n/a | `string` | n/a | yes |
-| s3\_logging\_path | n/a | `string` | n/a | yes |
-| database\_name | n/a | `string` | `"redshift_db"` | no |
-| jdbc\_port | n/a | `number` | `5439` | no |
-| node\_type | Enter the desired node type. The default and cheapest option is 'dc2.large' @ ~$0.25/hr (https://aws.amazon.com/redshift/pricing/) | `string` | `"dc2.large"` | no |
-| num\_nodes | n/a | `number` | `1` | no |
-| skip\_final\_snapshot | n/a | `bool` | `false` | no |
+| s3\_logging\_bucket | Optional. An S3 bucket to use for log collection. | `string` | n/a | yes |
+| s3\_logging\_path | Required if `s3_logging_bucket` is set. The path within the S3 bucket to use for log storage. | `string` | n/a | yes |
+| database\_name | The name of the initial Redshift database to be created. | `string` | `"redshift_db"` | no |
+| jdbc\_port | Optional. Overrides the default JDBC port for incoming SQL connections. | `number` | `5439` | no |
+| node\_type | Enter the desired node type. The default and cheapest option is 'dc2.large' @ ~$0.25/hr, ~$180/mo (https://aws.amazon.com/redshift/pricing/) | `string` | `"dc2.large"` | no |
+| num\_nodes | Optional (default=1). The number of Redshift nodes to use. | `number` | `1` | no |
+| skip\_final\_snapshot | If true, will allow terraform to destroy the RDS cluster without performing a final backup. | `bool` | `false` | no |
## Outputs
| Name | Description |
|------|-------------|
-| endpoint | n/a |
-| summary | n/a |
+| endpoint | The connection endpoint for the new Redshift instance. |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/components/aws/secrets-manager/README.md b/components/aws/secrets-manager/README.md
index f3d4f426..fc44f7fd 100644
--- a/components/aws/secrets-manager/README.md
+++ b/components/aws/secrets-manager/README.md
@@ -30,8 +30,8 @@ on to other resources which required access to those secrets.
| Name | Description |
|------|-------------|
-| secrets\_ids | n/a |
-| summary | n/a |
+| secrets\_ids | A map of secrets names to each secret's unique ID within AWS Secrets Manager. |
+| summary | Summary of resources created by this module. |
## Usage Example
diff --git a/components/aws/step-functions/README.md b/components/aws/step-functions/README.md
index 7032f1c8..f111bdfd 100644
--- a/components/aws/step-functions/README.md
+++ b/components/aws/step-functions/README.md
@@ -14,18 +14,18 @@ for another step.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:-----:|
-| account\_id | n/a | `string` | n/a | yes |
+| account\_id | The account ID to use on resource ARNs and IDs. | `string` | n/a | yes |
| environment | Standard `environment` module input. | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
-| state\_machine\_definition | n/a | `string` | n/a | yes |
-| state\_machine\_name | n/a | `string` | n/a | yes |
+| state\_machine\_definition | The JSON definition of the state machine to be created. | `string` | n/a | yes |
+| state\_machine\_name | The name of the state machine to be created. | `string` | n/a | yes |
## Outputs
| Name | Description |
|------|-------------|
-| summary | n/a |
+| summary | Summary of resources created by this module. |
---------------------
diff --git a/components/aws/vpc/README.md b/components/aws/vpc/README.md
index 43e1123e..ab3a8a3e 100644
--- a/components/aws/vpc/README.md
+++ b/components/aws/vpc/README.md
@@ -22,7 +22,7 @@ Included automatically when creating this module:
|------|-------------|------|---------|:-----:|
| aws\_credentials\_file | Optional, unless set at the main AWS provider level in which case it is required. | `string` | n/a | yes |
| aws\_profile | Optional, unless set at the main AWS provider level in which case it is required. | `string` | n/a | yes |
-| aws\_region | n/a | `any` | n/a | yes |
+| aws\_region | Optional. Overrides the AWS region, otherwise will use the AWS region provided from context. | `any` | n/a | yes |
| environment | Standard `environment` module input. (Ignored for the `vpc` module.) | object({
vpc_id = string
aws_region = string
public_subnets = list(string)
private_subnets = list(string)
}) | n/a | yes |
| name\_prefix | Standard `name_prefix` module input. | `string` | n/a | yes |
| resource\_tags | Standard `resource_tags` module input. | `map(string)` | n/a | yes |
@@ -32,9 +32,9 @@ Included automatically when creating this module:
| Name | Description |
|------|-------------|
-| private\_subnets | n/a |
-| public\_subnets | n/a |
-| vpc\_id | n/a |
+| private\_subnets | The list of private subnets. |
+| public\_subnets | The list of public subnets. |
+| vpc\_id | The unique ID of the VPC. |
---------------------