Add frontmatter (#1085)

Co-authored-by: milldr <[email protected]>
Co-authored-by: Dan Miller <[email protected]>

modules/account-map/README.md

@@ -1,3 +1,11 @@
+---
+tags:
+  - component/account-map
+  - layer/accounts
+  - provider/aws
+  - privileged
+---
+
 # Component: `account-map`
 
 This component is responsible for provisioning information only: it simply populates Terraform state with data (account

modules/account-quotas/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/account-quotas
+  - layer/foundation
+  - provider/aws
+---
+
 # Component: `account-quotas`
 
 This component is responsible for requesting service quota increases. We recommend making requests here rather than in

modules/account-settings/README.md

@@ -1,3 +1,11 @@
+---
+tags:
+  - component/account-settings
+  - layer/accounts
+  - provider/aws
+  - privileged
+---
+
 # Component: `account-settings`
 
 This component is responsible for provisioning account level settings: IAM password policy, AWS Account Alias, EBS

modules/account/README.md

@@ -1,3 +1,11 @@
+---
+tags:
+  - component/account
+  - layer/accounts
+  - provider/aws
+  - privileged
+---
+
 # Component: `account`
 
 This component is responsible for provisioning the full account hierarchy along with Organizational Units (OUs). It

modules/acm/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/acm
+  - layer/network
+  - provider/aws
+---
+
 # Component: `acm`
 
 This component is responsible for requesting an ACM certificate for a domain and adding a CNAME record to the DNS zone

modules/alb/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/alb
+  - layer/ecs
+  - provider/aws
+---
+
 # Component: `alb`
 
 This component is responsible for provisioning a generic Application Load Balancer. It depends on the `vpc` and

modules/amplify/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/amplify
+  - layer/unassigned
+  - provider/aws
+---
+
 # Component: `amplify`
 
 This component is responsible for provisioning AWS Amplify apps, backend environments, branches, domain associations,

modules/api-gateway-account-settings/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/api-gateway-account-settings
+  - layer/unassigned
+  - provider/aws
+---
+
 # Component: `api-gateway-account-settings`
 
 This component is responsible for setting the global, regional settings required to allow API Gateway to write to

modules/api-gateway-rest-api/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/api-gateway-rest-api
+  - layer/addons
+  - provider/aws
+---
+
 # Component: `api-gateway-rest-api`
 
 This component is responsible for deploying an API Gateway REST API.

modules/argocd-repo/README.md

@@ -1,3 +1,11 @@
+---
+tags:
+  - component/argocd-repo
+  - layer/software-delivery
+  - provider/aws
+  - provider/github
+---
+
 # Component: `argocd-repo`
 
 This component is responsible for creating and managing an ArgoCD desired state repository.

modules/athena/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/athena
+  - layer/data
+  - provider/aws
+---
+
 # Component: `athena`
 
 This component is responsible for provisioning an Amazon Athena workgroup, databases, and related resources.

modules/aurora-mysql-resources/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/aurora-mysql-resources
+  - layer/data
+  - provider/aws
+---
+
 # Component: `aurora-mysql-resources`
 
 This component is responsible for provisioning Aurora MySQL resources: additional databases, users, permissions, grants,

modules/aurora-mysql/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/aurora-mysql
+  - layer/data
+  - provider/aws
+---
+
 # Component: `aurora-mysql`
 
 This component is responsible for provisioning Aurora MySQL RDS clusters. It seeds relevant database information

modules/aurora-postgres-resources/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/aurora-postgres-resources
+  - layer/data
+  - provider/aws
+---
+
 # Component: `aurora-postgres-resources`
 
 This component is responsible for provisioning Aurora Postgres resources: additional databases, users, permissions,

modules/aurora-postgres/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/aurora-postgres
+  - layer/data
+  - provider/aws
+---
+
 # Component: `aurora-postgres`
 
 This component is responsible for provisioning Aurora Postgres RDS clusters. It seeds relevant database information
@@ -302,10 +309,12 @@ components:
 | <a name="input_autoscaling_scale_out_cooldown"></a> [autoscaling\_scale\_out\_cooldown](#input\_autoscaling\_scale\_out\_cooldown) | The amount of time, in seconds, after a scaling activity completes and before the next scaling up activity can start. Default is 300s | `number` | `300` | no |
 | <a name="input_autoscaling_target_metrics"></a> [autoscaling\_target\_metrics](#input\_autoscaling\_target\_metrics) | The metrics type to use. If this value isn't provided the default is CPU utilization | `string` | `"RDSReaderAverageCPUUtilization"` | no |
 | <a name="input_autoscaling_target_value"></a> [autoscaling\_target\_value](#input\_autoscaling\_target\_value) | The target value to scale with respect to target metrics | `number` | `75` | no |
+| <a name="input_backup_window"></a> [backup\_window](#input\_backup\_window) | Daily time range during which the backups happen, UTC | `string` | `"07:00-09:00"` | no |
 | <a name="input_ca_cert_identifier"></a> [ca\_cert\_identifier](#input\_ca\_cert\_identifier) | The identifier of the CA certificate for the DB instance | `string` | `null` | no |
 | <a name="input_cluster_dns_name_part"></a> [cluster\_dns\_name\_part](#input\_cluster\_dns\_name\_part) | Part of DNS name added to module and cluster name for DNS for cluster endpoint | `string` | `"writer"` | no |
 | <a name="input_cluster_family"></a> [cluster\_family](#input\_cluster\_family) | Family of the DB parameter group. Valid values for Aurora PostgreSQL: `aurora-postgresql9.6`, `aurora-postgresql10`, `aurora-postgresql11`, `aurora-postgresql12` | `string` | `"aurora-postgresql13"` | no |
 | <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Short name for this cluster | `string` | n/a | yes |
+| <a name="input_cluster_parameters"></a> [cluster\_parameters](#input\_cluster\_parameters) | List of DB cluster parameters to apply | <pre>list(object({<br>    apply_method = string<br>    name         = string<br>    value        = string<br>  }))</pre> | `[]` | no |
 | <a name="input_cluster_size"></a> [cluster\_size](#input\_cluster\_size) | Postgres cluster size | `number` | n/a | yes |
 | <a name="input_context"></a> [context](#input\_context) | Single object for setting entire context at once.<br>See description of individual variables for details.<br>Leave string and numeric variables as `null` to use default value.<br>Individual variable settings (non-null) override settings in context object,<br>except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | <pre>{<br>  "additional_tag_map": {},<br>  "attributes": [],<br>  "delimiter": null,<br>  "descriptor_formats": {},<br>  "enabled": true,<br>  "environment": null,<br>  "id_length_limit": null,<br>  "label_key_case": null,<br>  "label_order": [],<br>  "label_value_case": null,<br>  "labels_as_tags": [<br>    "unset"<br>  ],<br>  "name": null,<br>  "namespace": null,<br>  "regex_replace_chars": null,<br>  "stage": null,<br>  "tags": {},<br>  "tenant": null<br>}</pre> | no |
 | <a name="input_database_name"></a> [database\_name](#input\_database\_name) | Name for an automatically created database on cluster creation. An empty name will generate a db name. | `string` | `""` | no |
@@ -341,6 +350,7 @@ components:
 | <a name="input_reader_dns_name_part"></a> [reader\_dns\_name\_part](#input\_reader\_dns\_name\_part) | Part of DNS name added to module and cluster name for DNS for cluster reader | `string` | `"reader"` | no |
 | <a name="input_regex_replace_chars"></a> [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.<br>Characters matching the regex will be removed from the ID elements.<br>If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no |
 | <a name="input_region"></a> [region](#input\_region) | AWS Region | `string` | n/a | yes |
+| <a name="input_retention_period"></a> [retention\_period](#input\_retention\_period) | Number of days to retain backups for | `number` | `5` | no |
 | <a name="input_scaling_configuration"></a> [scaling\_configuration](#input\_scaling\_configuration) | List of nested attributes with scaling properties. Only valid when `engine_mode` is set to `serverless`. This is required for Serverless v1 | <pre>list(object({<br>    auto_pause               = bool<br>    max_capacity             = number<br>    min_capacity             = number<br>    seconds_until_auto_pause = number<br>    timeout_action           = string<br>  }))</pre> | `[]` | no |
 | <a name="input_serverlessv2_scaling_configuration"></a> [serverlessv2\_scaling\_configuration](#input\_serverlessv2\_scaling\_configuration) | Nested attribute with scaling properties for ServerlessV2. Only valid when `engine_mode` is set to `provisioned.` This is required for Serverless v2 | <pre>object({<br>    min_capacity = number<br>    max_capacity = number<br>  })</pre> | `null` | no |
 | <a name="input_skip_final_snapshot"></a> [skip\_final\_snapshot](#input\_skip\_final\_snapshot) | Normally AWS makes a snapshot of the database before deleting it. Set this to `true` in order to skip this.<br>NOTE: The final snapshot has a name derived from the cluster name. If you delete a cluster, get a final snapshot,<br>then create a cluster of the same name, its final snapshot will fail with a name collision unless you delete<br>the previous final snapshot first. | `bool` | `false` | no |
@@ -351,9 +361,6 @@ components:
 | <a name="input_tags"></a> [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).<br>Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no |
 | <a name="input_tenant"></a> [tenant](#input\_tenant) | ID element \_(Rarely used, not included by default)\_. A customer identifier, indicating who this instance of a resource is for | `string` | `null` | no |
 | <a name="input_vpc_component_name"></a> [vpc\_component\_name](#input\_vpc\_component\_name) | The name of the VPC component | `string` | `"vpc"` | no |
-| <a name="input_retention_period"></a> [retention\_period](#input\_retention\_period) | Number of days to retain backups for | `number` | `5` | no |
-| <a name="input_backup_window"></a> [backup\_window](#input\_backup\_window) | Daily time range during which the backups happen, UTC | `string` | `"07:00-09:00"` | no |
-
 
 ## Outputs
 

modules/aws-backup/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/aws-backup
+  - layer/data
+  - provider/aws
+---
+
 # Component: `aws-backup`
 
 This component is responsible for provisioning an AWS Backup Plan. It creates a schedule for backing up given ARNs.

modules/aws-config/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/aws-config
+  - layer/security-and-compliance
+  - provider/aws
+---
+
 # Component: `aws-config`
 
 This component is responsible for configuring AWS Config.

modules/aws-inspector/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/aws-inspector
+  - layer/security-and-compliance
+  - provider/aws
+---
+
 # Component: `aws-inspector`
 
 This component is responsible for provisioning an

modules/aws-inspector2/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/aws-inspector2
+  - layer/security-and-compliance
+  - provider/aws
+---
+
 # Component: `aws-inspector2`
 
 This component is responsible for configuring Inspector V2 within an AWS Organization.

modules/aws-saml/README.md

@@ -1,3 +1,11 @@
+---
+tags:
+  - component/aws-saml
+  - layer/identity
+  - provider/aws
+  - priviliged
+---
+
 # Component: `aws-saml`
 
 This component is responsible for provisioning SAML metadata into AWS IAM as new SAML providers. Additionally, for an

modules/aws-shield/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/aws-shield
+  - layer/security-and-compliance
+  - provider/aws
+---
+
 # Component: `aws-shield`
 
 This component is responsible for enabling AWS Shield Advanced Protection for the following resources:

modules/aws-sso/README.md

@@ -1,3 +1,11 @@
+---
+tags:
+  - component/aws-sso
+  - layer/identity
+  - provider/aws
+  - privileged
+---
+
 # Component: `aws-sso`
 
 This component is responsible for creating [AWS SSO Permission Sets][1] and creating AWS SSO Account Assignments, that

modules/aws-ssosync/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/aws-ssosync
+  - layer/identity
+  - provider/aws
+---
+
 # Component: `aws-ssosync`
 
 Deploys [AWS ssosync](https://github.com/awslabs/ssosync) to sync Google Groups with AWS SSO.

modules/aws-team-roles/README.md

@@ -1,3 +1,11 @@
+---
+tags:
+  - component/aws-team-roles
+  - layer/identity
+  - provider/aws
+  - privileged
+---
+
 # Component: `aws-team-roles`
 
 This component is responsible for provisioning user and system IAM roles outside the `identity` account. It sets them up

modules/aws-teams/README.md

@@ -1,3 +1,11 @@
+---
+tags:
+  - component/aws-teams
+  - layer/identity
+  - provider/aws
+  - privileged
+---
+
 # Component: `aws-teams`
 
 This component is responsible for provisioning all primary user and system roles into the centralized identity account.

modules/bastion/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/bastion
+  - layer/network
+  - provider/aws
+---
+
 # Component: `bastion`
 
 This component is responsible for provisioning a generic Bastion host within an ASG with parameterized `user_data` and

modules/cloudtrail-bucket/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/cloudtrail-bucket
+  - layer/foundation
+  - provider/aws
+---
+
 # Component: `cloudtrail-bucket`
 
 This component is responsible for provisioning a bucket for storing cloudtrail logs for auditing purposes. It's expected

modules/cloudtrail/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/cloudtrail
+  - layer/foundation
+  - provider/aws
+---
+
 # Component: `cloudtrail`
 
 This component is responsible for provisioning cloudtrail auditing in an individual account. It's expected to be used

modules/cloudwatch-logs/README.md

@@ -1,3 +1,11 @@
+---
+tags:
+  - component/cloudwatch-logs
+  - layer/baseline
+  - layer/security-and-compliance
+  - provider/aws
+---
+
 # Component: `cloudwatch-logs`
 
 This component is responsible for creation of CloudWatch Log Streams and Log Groups.

modules/cognito/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/cognito
+  - layer/addons
+  - provider/aws
+---
+
 # Component: `cognito`
 
 This component is responsible for provisioning and managing AWS Cognito resources.

modules/config-bucket/README.md

@@ -1,3 +1,10 @@
+---
+tags:
+  - component/config-bucket
+  - layer/security-and-compliance
+  - provider/aws
+---
+
 # Component: `config-bucket`
 
 This module creates an S3 bucket suitable for storing `AWS Config` data.

modules/datadog-configuration/README.md

@@ -1,3 +1,11 @@
+---
+tags:
+  - component/datadog-configuration
+  - layer/datadog
+  - provider/datadog
+  - provider/aws
+---
+
 # Component: `datadog-configuration`
 
 This component is responsible for provisioning SSM or ASM entries for Datadog API keys.