docs: doing some clever stuff with docs

avd_docs/aws/apigateway/AVD-AWS-0001/CloudFormation.md

@@ -1,10 +1,9 @@
 
 Enable logging for API Gateway stages
 
-```yaml
----
-AWSTemplateFormatVersion: "2010-09-09"
-Description: A sample template
+```yaml---
+AWSTemplateFormatVersion: 2010-09-09
+Description: Good Example of ApiGateway
 Resources:
   GoodApi:
     Type: AWS::ApiGatewayV2::Api
@@ -16,4 +15,7 @@ Resources:
         Format: json
       ApiId: !Ref GoodApi
       StageName: GoodApiStage
+
 ```
+
+

avd_docs/aws/apigateway/AVD-AWS-0001/Terraform.md

@@ -2,28 +2,29 @@
 Enable logging for API Gateway stages
 
 ```hcl
-resource "aws_apigatewayv2_stage" "good_example" {
-  api_id = aws_apigatewayv2_api.example.id
-  name   = "example-stage"
-  
-  access_log_settings {
-    destination_arn = ""
-    format          = ""
-  }
-}
-
-resource "aws_api_gateway_stage" "good_example" {
-  deployment_id = aws_api_gateway_deployment.example.id
-  rest_api_id   = aws_api_gateway_rest_api.example.id
-  stage_name    = "example"
-  
-  access_log_settings {
-    destination_arn = ""
-    format          = ""
-  }
-}
+ resource "aws_apigatewayv2_stage" "good_example" {
+   api_id = aws_apigatewayv2_api.example.id
+   name   = "example-stage"
+ 
+   access_log_settings {
+    destination_arn = "arn:aws:logs:region:0123456789:log-group:access_logging"
+    format          = "json"
+   }
+ }
+ 
+ resource "aws_api_gateway_stage" "good_example" {
+   deployment_id = aws_api_gateway_deployment.example.id
+   rest_api_id   = aws_api_gateway_rest_api.example.id
+   stage_name    = "example"
+ 
+   access_log_settings {
+     destination_arn = "arn:aws:logs:region:0123456789:log-group:access_logging"
+     format          = "json"
+   }
+ }
+ 
 ```
 
 #### Remediation Links
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/apigatewayv2_stage#access_log_settings
-        
+

avd_docs/aws/apigateway/AVD-AWS-0002/Terraform.md

@@ -2,27 +2,29 @@
 Enable cache encryption
 
 ```hcl
-resource "aws_api_gateway_rest_api" "example" {
-  
-}
+ resource "aws_api_gateway_rest_api" "example" {
+	
+ }
 
-resource "aws_api_gateway_stage" "example" {
-  
-}
+ resource "aws_api_gateway_stage" "example" {
 
-resource "aws_api_gateway_method_settings" "good_example" {
-  rest_api_id = aws_api_gateway_rest_api.example.id
-  stage_name  = aws_api_gateway_stage.example.stage_name
-  method_path = "path1/GET"
-  
-  settings {
-    metrics_enabled = true
-    logging_level   = "INFO"
-    cache_data_encrypted = true
-  }
-}
+ }
+
+ resource "aws_api_gateway_method_settings" "good_example" {
+   rest_api_id = aws_api_gateway_rest_api.example.id
+   stage_name  = aws_api_gateway_stage.example.stage_name
+   method_path = "path1/GET"
+ 
+   settings {
+     metrics_enabled = true
+     logging_level   = "INFO"
+     caching_enabled = true
+     cache_data_encrypted = true
+   }
+ }
+ 
 ```
 
 #### Remediation Links
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method_settings#cache_data_encrypted
-        
+

avd_docs/aws/apigateway/AVD-AWS-0003/Terraform.md

@@ -2,18 +2,19 @@
 Enable tracing
 
 ```hcl
-resource "aws_api_gateway_rest_api" "test" {
-  
-}
+ resource "aws_api_gateway_rest_api" "test" {
+	
+ }
 
-resource "aws_api_gateway_stage" "good_example" {
-  stage_name    = "prod"
-  rest_api_id   = aws_api_gateway_rest_api.test.id
-  deployment_id = aws_api_gateway_deployment.test.id
-  xray_tracing_enabled = true
-}
+ resource "aws_api_gateway_stage" "good_example" {
+   stage_name    = "prod"
+   rest_api_id   = aws_api_gateway_rest_api.test.id
+   deployment_id = aws_api_gateway_deployment.test.id
+   xray_tracing_enabled = true
+ }
+ 
 ```
 
 #### Remediation Links
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_stage#xray_tracing_enabled
-        
+

avd_docs/aws/apigateway/AVD-AWS-0004/Terraform.md

@@ -2,18 +2,58 @@
 Use and authorization method or require API Key
 
 ```hcl
-resource "aws_api_gateway_rest_api" "MyDemoAPI" {
-  
-}
-
-resource "aws_api_gateway_method" "good_example" {
-  rest_api_id   = aws_api_gateway_rest_api.MyDemoAPI.id
-  resource_id   = aws_api_gateway_resource.MyDemoResource.id
-  http_method   = "GET"
-  authorization = "AWS_IAM"
-}
+ resource "aws_api_gateway_rest_api" "MyDemoAPI" {
+	
+ }
+
+ resource "aws_api_gateway_resource" "MyDemoResource" {
+	rest_api_id      = aws_api_gateway_rest_api.MyDemoAPI.id
+ }
+
+ resource "aws_api_gateway_method" "good_example" {
+   rest_api_id   = aws_api_gateway_rest_api.MyDemoAPI.id
+   resource_id   = aws_api_gateway_resource.MyDemoResource.id
+   http_method   = "GET"
+   authorization = "AWS_IAM"
+ }
+ 
+```
+```hcl
+ resource "aws_api_gateway_rest_api" "MyDemoAPI" {
+	
+ }
+
+ resource "aws_api_gateway_resource" "MyDemoResource" {
+	rest_api_id      = aws_api_gateway_rest_api.MyDemoAPI.id
+ }
+
+ resource "aws_api_gateway_method" "good_example" {
+   rest_api_id      = aws_api_gateway_rest_api.MyDemoAPI.id
+   resource_id      = aws_api_gateway_resource.MyDemoResource.id
+   http_method      = "GET"
+   authorization    = "NONE"
+   api_key_required = true
+ }
+ 
+```
+```hcl
+ resource "aws_api_gateway_rest_api" "MyDemoAPI" {
+	
+ }
+
+ resource "aws_api_gateway_resource" "MyDemoResource" {
+	rest_api_id      = aws_api_gateway_rest_api.MyDemoAPI.id
+ }
+
+ resource "aws_api_gateway_method" "good_example" {
+   rest_api_id   = aws_api_gateway_rest_api.MyDemoAPI.id
+   resource_id   = aws_api_gateway_resource.MyDemoResource.id
+   http_method   = "OPTION"
+   authorization = "NONE"
+ }
+ 
 ```
 
 #### Remediation Links
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_method#authorization
-        
+

avd_docs/aws/apigateway/AVD-AWS-0005/Terraform.md

@@ -2,11 +2,12 @@
 Use the most modern TLS/SSL policies available
 
 ```hcl
-resource "aws_api_gateway_domain_name" "good_example" {
-  security_policy = "TLS_1_2"
-}
+ resource "aws_api_gateway_domain_name" "good_example" {
+ 	security_policy = "TLS_1_2"
+ }
+ 
 ```
 
 #### Remediation Links
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/api_gateway_domain_name#security_policy
-        
+

avd_docs/aws/athena/AVD-AWS-0006/CloudFormation.md

@@ -1,10 +1,7 @@
 
 Enable encryption at rest for Athena databases and workgroup configurations
 
-```yaml
----
-AWSTemplateFormatVersion: "2010-09-09"
-Description: A sample template
+```yaml---
 Resources:
   GoodExample:
     Properties:
@@ -14,4 +11,7 @@ Resources:
           EncryptionConfiguration:
             EncryptionOption: SSE_KMS
     Type: AWS::Athena::WorkGroup
+
 ```
+
+

avd_docs/aws/athena/AVD-AWS-0006/Terraform.md

@@ -2,36 +2,38 @@
 Enable encryption at rest for Athena databases and workgroup configurations
 
 ```hcl
-resource "aws_athena_database" "good_example" {
-  name   = "database_name"
-  bucket = aws_s3_bucket.hoge.bucket
-  
-  encryption_configuration {
-    encryption_option = "SSE_KMS"
-    kms_key_arn       = aws_kms_key.example.arn
+ resource "aws_athena_database" "good_example" {
+   name   = "database_name"
+   bucket = aws_s3_bucket.hoge.bucket
+ 
+   encryption_configuration {
+      encryption_option = "SSE_KMS"
+      kms_key_arn       = aws_kms_key.example.arn
   }
-}
-
-resource "aws_athena_workgroup" "good_example" {
-  name = "example"
-  
-  configuration {
-    enforce_workgroup_configuration    = true
-    publish_cloudwatch_metrics_enabled = true
-    
-    result_configuration {
-      output_location = "s3://${aws_s3_bucket.example.bucket}/output/"
-      
-      encryption_configuration {
-        encryption_option = "SSE_KMS"
-        kms_key_arn       = aws_kms_key.example.arn
-      }
-    }
-  }
-}
+ }
+ 
+ resource "aws_athena_workgroup" "good_example" {
+   name = "example"
+ 
+   configuration {
+     enforce_workgroup_configuration    = true
+     publish_cloudwatch_metrics_enabled = true
+ 
+     result_configuration {
+       output_location = "s3://${aws_s3_bucket.example.bucket}/output/"
+ 
+       encryption_configuration {
+         encryption_option = "SSE_KMS"
+         kms_key_arn       = aws_kms_key.example.arn
+       }
+     }
+   }
+ }
+ 
 ```
 
 #### Remediation Links
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_workgroup#encryption_configuration
+
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_database#encryption_configuration
-        
+

avd_docs/aws/athena/AVD-AWS-0007/CloudFormation.md

@@ -1,10 +1,7 @@
 
 Enforce the configuration to prevent client overrides
 
-```yaml
----
-AWSTemplateFormatVersion: "2010-09-09"
-Description: A sample template
+```yaml---
 Resources:
   GoodExample:
     Properties:
@@ -15,4 +12,7 @@ Resources:
           EncryptionConfiguration:
             EncryptionOption: SSE_KMS
     Type: AWS::Athena::WorkGroup
+
 ```
+
+

avd_docs/aws/athena/AVD-AWS-0007/Terraform.md

@@ -2,25 +2,26 @@
 Enforce the configuration to prevent client overrides
 
 ```hcl
-resource "aws_athena_workgroup" "good_example" {
-  name = "example"
-  
-  configuration {
-    enforce_workgroup_configuration    = true
-    publish_cloudwatch_metrics_enabled = true
-    
-    result_configuration {
-      output_location = "s3://${aws_s3_bucket.example.bucket}/output/"
-      
-      encryption_configuration {
-        encryption_option = "SSE_KMS"
-        kms_key_arn       = aws_kms_key.example.arn
-      }
-    }
-  }
-}
+ resource "aws_athena_workgroup" "good_example" {
+   name = "example"
+ 
+   configuration {
+     enforce_workgroup_configuration    = true
+     publish_cloudwatch_metrics_enabled = true
+ 
+     result_configuration {
+       output_location = "s3://${aws_s3_bucket.example.bucket}/output/"
+ 
+       encryption_configuration {
+         encryption_option = "SSE_KMS"
+         kms_key_arn       = aws_kms_key.example.arn
+       }
+     }
+   }
+ }
+ 
 ```
 
 #### Remediation Links
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/athena_workgroup#configuration
-        
+