Reset .git owner after terraform-docs

.github/workflows/update_assets.yml

@@ -28,6 +28,9 @@ jobs:
           config-file: ${{ github.workspace }}/.terraform-docs.yml
           output-method: inject
 
+      - name: Reset .git owner
+        run: "sudo chown -R $USER: .git"
+
       - name: Update dependabot.yml
         run: |
           cp .github/dependabot-base.yml .github/dependabot.yml

modules/aws/route53/README.md

@@ -41,16 +41,16 @@ The module also simplifies a few boilerplate records at the apex for security pu
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_alias_mx"></a> [alias\_mx](#input\_alias\_mx) | List of alias domains that should have the same MX records as the canonical domain. | `list(string)` | `[]` | no |
-| <a name="input_alias_records"></a> [alias\_records](#input\_alias\_records) | List of DNS records for alias domains. The top-level keys should match entries in the `aliases`<br>    list. The second-level map should match the same structure as `records`. | <pre>map(map(object({<br>    name    = optional(string)<br>    ttl     = optional(string)<br>    type    = string<br>    records = list(string)<br>  })))</pre> | `{}` | no |
+| <a name="input_alias_records"></a> [alias\_records](#input\_alias\_records) | List of DNS records for alias domains. The top-level keys should match entries in the `aliases`<br/>    list. The second-level map should match the same structure as `records`. | <pre>map(map(object({<br/>    name    = optional(string)<br/>    ttl     = optional(string)<br/>    type    = string<br/>    records = list(string)<br/>  })))</pre> | `{}` | no |
 | <a name="input_alias_redirect_protocol"></a> [alias\_redirect\_protocol](#input\_alias\_redirect\_protocol) | Protocol to use when redirecting to the canonical domain. Valid values: `http`, `https`. | `string` | `"https"` | no |
 | <a name="input_aliases"></a> [aliases](#input\_aliases) | List of alias domains that should redirect to the canonical domain. | `list(string)` | `[]` | no |
 | <a name="input_apex_txt"></a> [apex\_txt](#input\_apex\_txt) | List of TXT records to be added at the apex. | `list(string)` | `[]` | no |
-| <a name="input_caa_issuers"></a> [caa\_issuers](#input\_caa\_issuers) | List of CAs that can issue certificates. | `list(string)` | <pre>[<br>  "amazon.com"<br>]</pre> | no |
+| <a name="input_caa_issuers"></a> [caa\_issuers](#input\_caa\_issuers) | List of CAs that can issue certificates. | `list(string)` | <pre>[<br/>  "amazon.com"<br/>]</pre> | no |
 | <a name="input_canonical_mx_record"></a> [canonical\_mx\_record](#input\_canonical\_mx\_record) | The name of the MX record on the canonical domain. | `string` | `"apex_mx"` | no |
 | <a name="input_comment"></a> [comment](#input\_comment) | A comment for the hosted zone. Defaults to 'Managed by Terraform'. | `string` | `null` | no |
 | <a name="input_default_ttl"></a> [default\_ttl](#input\_default\_ttl) | Default TTL for DNS records. | `number` | `86400` | no |
 | <a name="input_domain"></a> [domain](#input\_domain) | The top-level domain name to hold the records. | `string` | n/a | yes |
-| <a name="input_records"></a> [records](#input\_records) | List of DNS records for the domain.<br><br>    • `name`    - (Optional) The name of the record. Defaults to the domain (i.e. an apex record).<br>    • `ttl`     - (Optional) The TTL of the record. Defaults to `default_ttl`.<br>    • `type`    - (Required) The record type.<br>    • `records` - (Required) A string list of records. | <pre>map(object({<br>    name    = optional(string)<br>    ttl     = optional(string)<br>    type    = string<br>    records = list(string)<br>  }))</pre> | n/a | yes |
+| <a name="input_records"></a> [records](#input\_records) | List of DNS records for the domain.<br/><br/>    • `name`    - (Optional) The name of the record. Defaults to the domain (i.e. an apex record).<br/>    • `ttl`     - (Optional) The TTL of the record. Defaults to `default_ttl`.<br/>    • `type`    - (Required) The record type.<br/>    • `records` - (Required) A string list of records. | <pre>map(object({<br/>    name    = optional(string)<br/>    ttl     = optional(string)<br/>    type    = string<br/>    records = list(string)<br/>  }))</pre> | n/a | yes |
 | <a name="input_security_contact"></a> [security\_contact](#input\_security\_contact) | Security contact for the domain. Defaults to 'security@DOMAIN', where `DOMAIN` is the top-level domain name. | `string` | `null` | no |
 | <a name="input_spf"></a> [spf](#input\_spf) | List of SPF directives for the domain. | `list(string)` | `[]` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags for the hosted zone. | `map(any)` | `{}` | no |

modules/aws/sso_account_assignment/README.md

@@ -33,9 +33,9 @@ to be used with AWS IAM Identity Center.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_assignments"></a> [assignments](#input\_assignments) | List of assignments between group, account and Permission Set. The key of each object is the group<br>    name that will be assigned the permissions. Ideally the organisation will use an external identity<br>    provider and this group should be created via SCIM. To also create the groups, enable `create_groups`.<br><br>    • `account_ids`     - (Required) The AWS account IDs to apply the assignment.<br>    • `permission_sets` - (Required) The Permission Sets to be assigned to the group. These should<br>                                     be a subset of the Permission Sets created above. | <pre>map(list(object({<br>    account_ids     = list(string)<br>    permission_sets = list(string)<br>  })))</pre> | n/a | yes |
+| <a name="input_assignments"></a> [assignments](#input\_assignments) | List of assignments between group, account and Permission Set. The key of each object is the group<br/>    name that will be assigned the permissions. Ideally the organisation will use an external identity<br/>    provider and this group should be created via SCIM. To also create the groups, enable `create_groups`.<br/><br/>    • `account_ids`     - (Required) The AWS account IDs to apply the assignment.<br/>    • `permission_sets` - (Required) The Permission Sets to be assigned to the group. These should<br/>                                     be a subset of the Permission Sets created above. | <pre>map(list(object({<br/>    account_ids     = list(string)<br/>    permission_sets = list(string)<br/>  })))</pre> | n/a | yes |
 | <a name="input_create_groups"></a> [create\_groups](#input\_create\_groups) | Whether the module should also create the groups. | `bool` | `false` | no |
-| <a name="input_permission_sets"></a> [permission\_sets](#input\_permission\_sets) | List of Permission Sets for the organization. Each Permission Set must include AWS managed<br>    policies and/or an IAM inline policy.<br><br>    • `name`              - (Optional) The name of the Permission Set. The key will be used by default.<br>    • `description`       - (Optional) The description of the Permission Set.<br>    • `managed_policies`  - (Optional) A list of AWS-managed policy names. The prefix `arn:aws:iam::aws:policy/`<br>                                       will be prepended to create the full ARN.<br>    • `inline_policy`     - (Optional) An IAM inline policy to attach to the Permission Set. | <pre>map(object({<br>    name             = optional(string)<br>    description      = optional(string)<br>    managed_policies = optional(list(string), [])<br>    inline_policy    = optional(string, "")<br>  }))</pre> | n/a | yes |
+| <a name="input_permission_sets"></a> [permission\_sets](#input\_permission\_sets) | List of Permission Sets for the organization. Each Permission Set must include AWS managed<br/>    policies and/or an IAM inline policy.<br/><br/>    • `name`              - (Optional) The name of the Permission Set. The key will be used by default.<br/>    • `description`       - (Optional) The description of the Permission Set.<br/>    • `managed_policies`  - (Optional) A list of AWS-managed policy names. The prefix `arn:aws:iam::aws:policy/`<br/>                                       will be prepended to create the full ARN.<br/>    • `inline_policy`     - (Optional) An IAM inline policy to attach to the Permission Set. | <pre>map(object({<br/>    name             = optional(string)<br/>    description      = optional(string)<br/>    managed_policies = optional(list(string), [])<br/>    inline_policy    = optional(string, "")<br/>  }))</pre> | n/a | yes |
 <!-- END_TF_DOCS -->
 
 # Example Usage