diff --git a/.github/workflows/fmt:check.yml b/.github/workflows/fmt:check.yml
new file mode 100644
index 0000000..17cf997
--- /dev/null
+++ b/.github/workflows/fmt:check.yml
@@ -0,0 +1,25 @@
+---
+name: Terraform Validation
+
+on:
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ terraform:
+ name: Lint
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - name: Install Task
+ uses: arduino/setup-task@v2
+ with:
+ version: 3.x
+ repo-token: ${{ secrets.GITHUB_TOKEN }}
+ - name: Install Terraform
+ uses: hashicorp/setup-terraform@v3
+ with:
+ terraform_version: "1.8.2"
+ - name: Terraform fmt
+ run: task fmt:check
diff --git a/README.md b/README.md
index 7e5031b..a065e03 100644
--- a/README.md
+++ b/README.md
@@ -1,17 +1,21 @@
# terraform-aws-enrichment
+
## Getting Started
+
Corelight's AWS Cloud Enrichment requires the deployment of a lambda and its
supporting infrastructure to ensure the data in your Corelight cloud sensors are
always up-to-date with the latest state of your cloud resources.
### Preparation
-Image based Lambdas must be deployed from a private Elastic Container Registry (ECR)
-repository and therefore the data collection serverless container image provided by
+
+Image based Lambdas must be deployed from a private Elastic Container Registry (ECR)
+repository and therefore the data collection serverless container image provided by
Corelight must be copied from Dockerhub and pushed to your own ECR repository.
#### Copying the Corelight image
+
Corelight recommends install [skopeo](https://github.com/containers/skopeo/blob/main/install.md) to assist with copying this image.
```bash
AWS_ACCOUNT=
@@ -39,6 +43,7 @@ skopeo copy docker://$SRC_IMAGE docker://$DST_IMAGE --dest-tls-verify
```
### Deployment
+
The variables for this module all have default values that can be overwritten
to meet your naming and compliance standards. The only variables without defaults are
the Lambda's ECR image name and tag which you will set during preparation.
@@ -49,4 +54,4 @@ Deployment examples can be found [here](examples)
The project is licensed under the [MIT][] license.
-[MIT]: LICENSE
\ No newline at end of file
+[MIT]: LICENSE
diff --git a/Taskfile.yml b/Taskfile.yml
new file mode 100644
index 0000000..1684a3a
--- /dev/null
+++ b/Taskfile.yml
@@ -0,0 +1,13 @@
+---
+version: "3"
+
+tasks:
+ fmt:
+ desc: Reformat your configuration in the standard style
+ cmds:
+ - terraform fmt -recursive .
+
+ fmt:check:
+ desc: Check if the input is formatted
+ cmds:
+ - terraform fmt -recursive -check -diff .