SAAS-23305: Updating README.md

Author: Noamstrauss

README.md

@@ -5,35 +5,34 @@
 [![Version](https://img.shields.io/badge/version-1.0.0-blue)](https://github.com/aquasecurity/terraform-gcp-onboarding)
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 
-This Terraform module provides an easy way to onboard resources in Google Cloud Platform (GCP) for Aqua Security.
+This Terraform module provides an easy way
+to configure Aqua Security’s CSPM and agentless solutions on Google Cloud Platform (GCP).
+
+It creates the necessary resources, such as service accounts, roles, and permissions,
+to enable seamless integration with Aqua’s platform.
 
 ---
 
 ## Table of Contents
 
-- [Introduction](#introduction)
-- [Prerequisites](#prerequisites)
+- [Pre-requisites](#Pre-requisites)
 - [Usage](#usage)
 - [Examples](#examples)
 - [Using Existing Network](#using-existing-network-and-firewall)
 - [Using Dedicated Project](#using-an-existing-dedicated-project)
-- [License](#license)
-
-## Introduction
-
-The `terraform-gcp-onboarding` module simplifies the process of onboarding GCP resources for Aqua Security. It creates the necessary resources, such as service accounts, roles, and permissions, to enable seamless integration with Aqua Security.
 
-## Prerequisites
+## Pre-requisites
 
 Before using this module, ensure that you have the following:
 
-- Terraform version `1.6.4` or later
-- `gcloud` CLI installed and configured
-- `Python` 3+ installed
-- Aqua Security account and API credentials
+- Terraform version `1.6.4` or later.
+- `gcloud` CLI installed and configured.
+- `Python` 3+ installed.
+- Aqua Security account API credentials.
 
 ## Usage
-1. Replace `<aqua_api_key>` and `<aqua_api_secret>` with your generated API credentials.
+1. Leverage the Aqua platform to generate the local variables required by the module.
+2. Important: Replace `<aqua_api_key>` and `<aqua_api_secret>` with your generated API credentials.
 2. Run `terraform init` to initialize the module.
 3. Run `terraform apply` to create the resources.
 
@@ -145,7 +144,12 @@ For more examples and use cases, please refer to the examples folder in the repo
 
 ## Using Existing Network and Firewall
 
-If you prefer to use an existing network and firewall instead of creating new ones, you can do so by setting `create_network = false` in the module's input variables. In this case, you will need to follow a specific naming convention for the existing network and firewall resources:
+
+If you prefer to use an existing network and firewall instead of creating new ones,
+you can do so by setting `create_network = false` in the module's input variables.
+In this case, you will need to create,
+prior to onboarding, network and firewall resources with the following naming convention:
+
 
 * Firewall: `<project_id>-rules-aqua-aas`
 * Network: `<project_id>-network`
@@ -155,7 +159,9 @@ When using a dedicated project, the `<project_id>` should follow the format `"aq
 
 ## Using an Existing Dedicated Project
 
-If you have an existing dedicated project that you want to use for Aqua Security resources, you can import it into this Terraform configuration. To do so, use the following Terraform import command:
+If you have an existing dedicated project that you want to use to host Aqua Security resources, you can import it into the Terraform configuration.
+
+To do so, use the following Terraform import command:
 
 `terraform import module.aqua_gcp_dedicated_project.google_project.project <dedicated_project_id>`
 
@@ -172,11 +178,6 @@ For example, if your Aqua tenant ID is `12345` and the first six characters of t
 You will also need to ensure that the existing dedicated project has the label `"aqua-agentless-scanner" = "true"` applied.
 
 
-## License
-
-Apache 2 Licensed. See LICENSE for full details.
-
-
 <!-- BEGIN_TF_DOCS -->
 ## Requirements
 

examples/dedicated-project/README.md

@@ -2,30 +2,29 @@
 
 ---
 
-This is an example Terraform configuration that demonstrates how to create a dedicated Google Cloud Platform (GCP) project for Aqua Security resources using the `dedicated_project` module from the `terraform-gcp-onboarding` repository.
-
 ## Overview
 
-This example shows how to create a dedicated GCP project with a specific naming convention and apply the required labels for Aqua Security integration.
+This example shows how to onboard a GCP project by creating a dedicated project to provision all of Aqua’s resources into and apply the required labels for Aqua Security integration.
 
-## Prerequisites
+## Pre-requisites
 
 Before running this example, ensure that you have the following:
 
 1. Terraform installed (version 1.6.4 or later).
-2. `gcloud` CLI installed and configured.
-3. Aqua Security account and API credentials (not required for this example).
+2. `Gcloud` CLI installed and configured.
+3. Aqua Security account API credentials.
 
 ## Usage
 
-1. Replace the placeholder values in the `locals` block with your actual values.
-2. Run `terraform init` to initialize the Terraform working directory.
-3. Run `terraform apply` to create the dedicated project.
+1. Leverage the Aqua platform to generate the local variables required by the module.
+2. Important: Replace `<aqua_api_key>` and `<aqua_api_secret>` with your generated API credentials.
+3. Run `terraform init` to initialize the Terraform working directory.
+4. Run `terraform apply` to create the dedicated project.
 
 ## What's Happening
-
-1. A dedicated GCP project is created with the name `aqua-agentless-<tenant_id>-<org_hash>`, where `org_hash` is the first six characters of the SHA1 hash of your organization name.
-2. The `labels` input is set to merge custom labels (if provided) with the required `"aqua-agentless-scanner" = "true"` label.
+1. The `aqua_gcp_dedicated_project` module is called to create a dedicated GCP project is created with the name `aqua-agentless-<tenant_id>-<org_hash>`, where `org_hash` is the first six characters of the SHA1 hash of your organization name.
+2. The `aqua_gcp_onboarding` module is called to provision the necessary resources (service accounts, roles, networking, etc.) in the dedicated GCP project.
+3. The `aqua_gcp_project_attachment` module is called to create the required IAM resources in the onboarding project and trigger the Aqua API.
 
 ## Cleanup
 

examples/dedicated-project/main.tf

@@ -50,7 +50,7 @@ provider "google" {
   default_labels = local.labels
 }
 
-# Creating onboarding resources on the dedicated project
+# Creating discovery and scanning resources on the project
 module "aqua_gcp_onboarding" {
   source = "../../"
   providers = {
@@ -71,7 +71,7 @@ module "aqua_gcp_onboarding" {
 
 ################################
 
-## Onboarding an project and attaching it to the dedicated project
+## Onboarding a project and attaching it to the dedicated project
 module "aqua_gcp_project_attachment" {
   source = "../../modules/project_attachment"
   providers = {

examples/same-project/README.md

@@ -2,11 +2,9 @@
 
 ---
 
-This is an example Terraform configuration that demonstrates how to onboard Aqua Security resources in an existing Google Cloud Platform (GCP) project using the `terraform-gcp-onboarding` module.
-
 ## Overview
 
-This example showcases the following:
+This example shows how to onboard a Google Cloud Platform (GCP) project by provisioning all of Aqua’s resources into the existing project.
 
 ## Prerequisites
 
@@ -25,7 +23,8 @@ Before running this example, ensure that you have the following:
 ## What's Happening
 
 1. The `aqua_gcp_onboarding` module is called to provision the necessary resources (service accounts, roles, networking, etc.) in the existing GCP project.
-2. The `aqua_gcp_project_attachment` module is called to attach the existing GCP project to the onboarded resources for Aqua Security integration.
+2. The `aqua_gcp_project_attachment` module is called to create the required IAM resources in the onboarding project and trigger the Aqua API.
+
 
 ## Cleanup
 

examples/same-project/main.tf

@@ -33,7 +33,7 @@ provider "google" {
 
 ################################
 
-# Creating onboarding resources on the existing project
+# Creating discovery and scanning resources on the project
 module "aqua_gcp_onboarding" {
   source = "../.."
   providers = {

variables.tf

@@ -10,7 +10,7 @@ variable "project_id" {
 }
 
 variable "region" {
-  description = "Google Cloud Region"
+  description = "Google Cloud Main Deployment Region"
   type        = string
   validation {
     condition     = can(regex("^[a-z0-9-]{1,35}$", var.region))