updates to README, use 'report' as default for enforcement_mode

Author: Wesley Hoffler

README.md

@@ -29,7 +29,7 @@ unless real values don't help users know what to change.
 ```hcl
 module "ibm_cbr" "zone" {
   # replace master with version
-  source = "git::https://github.com/terraform-ibm-modules/terraform-ibm-cbr//cbr-zone-module?ref=master"
+  source = "git::https://github.com/terraform-ibm-modules/terraform-ibm-cbr//cbr-zone-module?ref=main"
   name             = "zone_for_pg_access"
   account_id       = data.ibm_iam_account_settings.iam_account_settings.account_id
   zone_description = "Zone created from terraform"
@@ -38,7 +38,7 @@ module "ibm_cbr" "zone" {
 
 module "ibm_cbr" "rule" {
   # replace master with version
-  source = "git::https://github.com/terraform-ibm-modules/terraform-ibm-cbr//cbr-rule-module?ref=master"
+  source = "git::https://github.com/terraform-ibm-modules/terraform-ibm-cbr//cbr-rule-module?ref=main"
   name             = "rule_for_pg_access"
   rule_description = "rule from terraform"
   enforcement_mode = "enabled"
@@ -94,7 +94,7 @@ You need the following permissions to run this module.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_addresses"></a> [addresses](#input\_addresses) | (List) The list of addresses in the zone | <pre>list(object({<br>    type  = optional(string)<br>    value = optional(string)<br>    ref = optional(object({<br>      account_id       = string<br>      location         = optional(string)<br>      service_instance = optional(string)<br>      service_name     = optional(string)<br>      service_type     = optional(string)<br>    }))<br>  }))</pre> | `[]` | no |
-| <a name="input_enforcement_mode"></a> [enforcement\_mode](#input\_enforcement\_mode) | (String) The rule enforcement mode | `string` | `"enabled"` | no |
+| <a name="input_enforcement_mode"></a> [enforcement\_mode](#input\_enforcement\_mode) | (String) The rule enforcement mode | `string` | `"report"` | no |
 | <a name="input_excluded_addresses"></a> [excluded\_addresses](#input\_excluded\_addresses) | (Optional, List) The list of excluded addresses in the zone | <pre>list(object({<br>    type  = optional(string)<br>    value = optional(string)<br>  }))</pre> | `[]` | no |
 | <a name="input_name"></a> [name](#input\_name) | (Optional, String) The name of the zone | `string` | `null` | no |
 | <a name="input_operations"></a> [operations](#input\_operations) | (Optional, List) The operations this rule applies to | <pre>list(object({<br>    api_types = list(object({<br>      api_type_id = string<br>    }))<br>  }))</pre> | `[]` | no |

cbr-rule-module/README.md

@@ -1,3 +1,3 @@
-# Default example
+# CBR Rule Module
 
-Example to create a zone for Context Based Restrictions
+Creates a rule for Context Based Restrictions

cbr-rule-module/variables.tf

@@ -48,7 +48,7 @@ variable "rule_contexts" {
 variable "enforcement_mode" {
   type        = string
   description = "(String) The rule enforcement mode"
-  default     = "enabled"
+  default     = "report" # As part of the best practices, mode should be in report only mode for 30 days before the rules is enabled.
   validation {
     condition = anytrue([
       var.enforcement_mode == "enabled",

cbr-zone-module/README.md

@@ -1,3 +1,3 @@
-# Default example
+# CBR Zone Module
 
-Example to create a zone for Context Based Restrictions
+Creates a zone for Context Based Restrictions

examples/multizone-rule/variables.tf

@@ -41,5 +41,5 @@ variable "rule_description" {
 variable "enforcement_mode" {
   type        = string
   description = "(String) The rule enforcement mode"
-  default     = "enabled"
+  default     = "report" # As part of the best practices, mode should be in report only mode for 30 days before the rules is enabled.
 }

module-metadata.json

@@ -18,7 +18,7 @@
       "name": "enforcement_mode",
       "type": "string",
       "description": "(String) The rule enforcement mode",
-      "default": "enabled",
+      "default": "report",
       "source": [
         "module.cbr_rule.ibm_cbr_rule.cbr_rule.enforcement_mode"
       ],

tests/README.md

@@ -2,7 +2,7 @@
 
 # Tests
 
-For information about how to create and run tests, see [Validation tests](https://github.ibm.com/GoldenEye/documentation/blob/master/tests.md) in the project documentation.
+For information about how to create and run tests, see [Validation tests](https://terraform-ibm-modules.github.io/documentation/#/tests) in the project documentation.
 
 <!-- Add any more steps that are specific to testing this module and that are not in the docs. -->
 <!-- END TESTS HOOK -->

variables.tf

@@ -68,7 +68,7 @@ variable "rule_contexts" {
 variable "enforcement_mode" {
   type        = string
   description = "(String) The rule enforcement mode"
-  default     = "enabled"
+  default     = "report" # As part of the best practices, mode should be in report only mode for 30 days before the rules is enabled.
 }
 
 variable "resources" {