docs(modules): add description, preset variables info, and additional notes

saumitra-dev · saumitra-dev · commit 3f3d4424949a · 2024-08-02T12:35:18.000+05:30
diff --git a/modules/acm/.header.md b/modules/acm/.header.md
@@ -1 +1,12 @@
 # acm
+
+This sub-module creates the Amazon-issued certificates for given domains with `validation_option` configuration.
+
+## Presets
+
+- The `validation_method` is set to `DNS` as the recommended method, and can be overridden to use `EMAIL` method if required.
+
+## Notes
+
+- ACM certificates are created before destroying existing ones (to update the configuration), which is the recommended practice.
+- The sub-module outputs the corresponding validation records for every Amazon-issued ACM certificate created. This can be further used to complete the validation by creating the Route53 DNS records.
diff --git a/modules/alb/.header.md b/modules/alb/.header.md
@@ -1 +1,52 @@
 # alb
+
+This sub-module creates:
+
+1. Application Load Balancer in the given subnets
+2. Target Groups with Health Check configuration
+3. Listeners with Default Action configuration, and
+4. Listener Rules with Actions with `forward` and `authenticate-oidc` types, and Conditions involving `host_header`, `path_pattern`, and `http_request_method`.
+
+## Presets
+
+### Load Balancer
+
+- The `internal` is set to `false` as the default option (i.e., an Internet-facing ALB), and can be overridden to be internal if required.
+- The `preserve_host_header` is set to `true` as the default option (i.e., the `HOST` header is not overridden by the ALB), and can be overridden to allow the ALB to override the header if required.
+- The `enable_deletion_protection` is set to `false` as the recommended option (i.e., the ALB can be destroyed using the API), and can be overridden to enable the deletion protection if required.
+
+### Listener
+
+- The `protocol` is set to `HTTP` as the default option, and can be overridden to use `HTTPS` if required.
+- The `ssl_policy` is set to `ELBSecurityPolicy-TLS13-1-2-2021-06` as the recommended SSL policy ([read more](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies)), and can be overridden to use a different SSL policy if required.
+
+## Notes
+
+- For configuration that requires ARNs to other Target Groups/Listeners, the name of the Target Group/Listener can be specified as the value of the attribute, so that the sub-module implicitly references the corresponding Target Group/Listener for the ARN.
+
+  ```hcl
+  module "alb" {
+    . . .
+
+    target_groups = {
+      # Define the Target Group with a key
+      nginx = {
+        . . .
+      }
+    }
+
+    listeners = {
+      . . .
+      default_action = [
+        {
+          . . .
+
+          # Reference the target group using the key
+          target_group = "nginx"
+        }
+      ]
+    }
+  }
+  ```
+
+- Listener Rule Actions currently support the `forward` and `authenticate-oidc` types only, and will be expanded to cover other types in future iteratively. Similarly, the Listener Rule Conditions currently support the `host_header`, `path_pattern` and `http_request_method` configurations only.
diff --git a/modules/capacity-provider/.header.md b/modules/capacity-provider/.header.md
@@ -1 +1,22 @@
 # capacity-provider
+
+This sub-module creates:
+
+1. ECS Capacity Providers with `auto_scaling_group_provider` configuration (optionally with `managed_scaling`), and
+2. ECS Cluster Capacity Providers using the created ECS Capacity Providers, and with `default_capacity_provider_strategy` configuration.
+
+## Presets
+
+### ECS Capacity Provider
+
+- The `managed_termination_protection` is enabled by default as recommended (which enables termination protection to container instances), and can be disabled if required.
+
+### ECS Cluster Capacity Providers
+
+- The `default_auto_scaling_group_arn` is a required attribute, and is used as the default Autoscaling group ARN under `auto_scaling_group_provider` configuration under each ECS Capacity Provider. The `auto_scaling_group_arn` can be overridden for individual ECS Capacity Provider if required.
+- The `weight` under `default_capacity_provider_strategy` configuration is set to `1` as the default option (i.e., equal distribution of tasks in each ECS Capacity Provider), and can be overridden.
+- The `base` under `default_capacity_provider_strategy` configuration is set to `0` as the default option (i.e., min. number of tasks running in each ECS Capacity Provider), and can be overridden.
+
+## Notes
+
+- ECS Cluster Capacity Providers utilizes all the ECS Capacity Providers that were created through the sub-module as the desired behaviour, and cannot be overridden.
