From a99cf2fd78af8db09d76464047160adc982e11fe Mon Sep 17 00:00:00 2001 From: Paul Schwarzenberger Date: Tue, 19 Mar 2024 13:43:48 +0000 Subject: [PATCH] Updates relating to Terraform Registry (#81) Updates for Terraform registry --- README.md | 16 +++++----------- docs/faq.md | 3 +++ docs/getting-started.md | 9 ++++++++- docs/index.md | 1 + examples/default/ca.tf | 4 ++-- examples/rsa-public-crl/ca.tf | 4 ++-- mkdocs.yml | 2 -- terraform-registry-manifest.json | 6 ------ 8 files changed, 21 insertions(+), 24 deletions(-) delete mode 100644 terraform-registry-manifest.json diff --git a/README.md b/README.md index 045bed5..17844a6 100644 --- a/README.md +++ b/README.md @@ -2,27 +2,21 @@ [![Apache License](https://img.shields.io/badge/License-Apache%20v2-green.svg)](https://github.com/serverless-ca/terraform-aws-ca/blob/main/LICENSE.md) - * Serverless Certificate Authority typically $50 per year * [Equivalent cost using AWS Private CA around $10,000 per year](https://serverlessca.com/faq/#how-did-you-work-out-the-cost-comparison-with-aws-private-ca) * 100% serverless * CA private keys stored in [FIPS 140-2 level 3 certified hardware](https://aws.amazon.com/about-aws/whats-new/2023/05/aws-kms-hsm-fips-security-level-3) * Wide range of [configuration options](https://serverlessca.com/options/) +* Published as a public [Terraform registry module](https://registry.terraform.io/modules/serverless-ca/ca/aws/latest) * Open source with [Apache 2.0 license](./LICENSE.md) -![Alt text](docs/images/ca-architecture-options.png?raw=true "CA architecture") - -## Documentation -Detailed documentation is on our [Docs](https://serverlessca.com) site. If testing the Serverless CA for the first time, use the [Getting Started](https://serverlessca.com/getting-started/) guide. - -## Contributing -We welcome contributions! See the [Contributing Guide](CONTRIBUTING.md) for how to get started. + -See [Example README](./examples/default/README.md) for information on Terraform development and testing. +> 📄 Detailed documentation is on our [Docs](https://serverlessca.com) site. If testing the Serverless CA for the first time, use the [Getting Started](https://serverlessca.com/getting-started/) guide. -A guide to development and testing the Lambda function Python code is provided in the [Lambda sub-module README](/modules/terraform-aws-ca-lambda/README.MD). +> 📢 We welcome contributions! See the [Contributing Guide](CONTRIBUTING.md) for how to get started. ## Sponsors This project is supported by [Q-Solution](https://www.q-solution.co.uk) -![Alt text](docs/images/q-solution.png?raw=true "Q-Solution") \ No newline at end of file + diff --git a/docs/faq.md b/docs/faq.md index eaa9d61..827b0d2 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -1,5 +1,8 @@ # Frequently Asked Questions +### Where can I find the Terraform module? +The Terraform module is published on the public [Terraform Registry](https://registry.terraform.io/modules/serverless-ca/ca/aws/latest). + ### Can certificates only be used in AWS? No, certificates issued by the CA can be used anywhere. diff --git a/docs/getting-started.md b/docs/getting-started.md index b350e56..89971a2 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -2,6 +2,7 @@ ## Objectives By the end of this How-to guide you will have: + * created a serverless CA in your own AWS account * viewed the Root CA, Issuing CA certificates and CRLs * issued a client certificate @@ -19,7 +20,13 @@ A Root CA and Issuing CA will be deployed to your AWS account: * copy the [default example folder](https://github.com/serverless-ca/terraform-aws-ca/tree/main/examples/default) to your laptop * make sure you include the `dev` subfolder and contents * update `backend.tf` to include your own S3 Terraform state bucket in the same AWS account -* update `ca.tf` with the provider source address and latest version +* update `ca.tf` with the terraform module source address and [latest version](https://registry.terraform.io/modules/serverless-ca/ca/aws/latest), e.g. +``` +module "certificate_authority" { + source = "serverless-ca/ca/aws" + version = "0.1.0" +} +``` * uncomment the other variables in `ca.tf` * uncomment `locals.tf` and enter your own company details ``` diff --git a/docs/index.md b/docs/index.md index 1a42d63..47c9563 100644 --- a/docs/index.md +++ b/docs/index.md @@ -5,6 +5,7 @@ * 100% serverless * CA private keys stored in [FIPS 140-2 level 3 certified hardware](https://aws.amazon.com/about-aws/whats-new/2023/05/aws-kms-hsm-fips-security-level-3) * Wide range of [configuration options](options.md) +* Published as a public [Terraform registry module](https://registry.terraform.io/modules/serverless-ca/ca/aws/latest) * Open source with [Apache 2.0 license](https://github.com/serverless-ca/terraform-aws-ca/blob/main/LICENSE.md) ![Alt text](images/ca-architecture-options.png?raw=true "CA architecture") diff --git a/examples/default/ca.tf b/examples/default/ca.tf index 34b1774..0b7a5d3 100644 --- a/examples/default/ca.tf +++ b/examples/default/ca.tf @@ -1,7 +1,7 @@ module "certificate_authority" { source = "../../" - # source = "serverless-ca/terraform-aws-ca" - # version = "1.0.0" + # source = "serverless-ca/ca/aws" + # version = "0.1.0" # cert_info_files = ["tls", "revoked", "revoked-root-ca"] # issuing_ca_info = local.issuing_ca_info diff --git a/examples/rsa-public-crl/ca.tf b/examples/rsa-public-crl/ca.tf index 51bd031..6c744fe 100644 --- a/examples/rsa-public-crl/ca.tf +++ b/examples/rsa-public-crl/ca.tf @@ -1,7 +1,7 @@ module "certificate_authority" { source = "../../" - # source = "serverless-ca/terraform-aws-ca" - # version = "1.0.0" + # source = "serverless-ca/ca/aws" + # version = "0.1.0" bucket_prefix = "my-company" env = "prod" diff --git a/mkdocs.yml b/mkdocs.yml index a1a4497..9d6b9ab 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -49,5 +49,3 @@ nav: - Revocation: revocation.md - Security: security.md - Terraform reference: reference.md - - \ No newline at end of file diff --git a/terraform-registry-manifest.json b/terraform-registry-manifest.json deleted file mode 100644 index 40eed23..0000000 --- a/terraform-registry-manifest.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "version": 1, - "metadata": { - "protocol_versions": ["5.0"] - } -} \ No newline at end of file