docs: Update README to clarify variables purpose

draios · Feb 29, 2024 · 929f783 · 929f783
1 parent 6c8c038
commit 929f783
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 7 deletions.
diff --git a/modules/services/eks/README.md b/modules/services/eks/README.md
@@ -40,10 +40,10 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="role_name"></a> [role_name](#role\_name) | IAM role that Sysdig will assume to access the EKS clusters | `string` | N/A | Yes |
-| <a name="var_clusters"></a> [clusters](#var\_clusters) | The list of clusters to be scanned by Sysdig (when 'onboard_all_clusters' is set to false, only the clusters specified in this list will be scanned) | `set(string)` | Empty list | No |
-| <a name="var_onboard_all_clusters"></a> [onboard_all_clusters](#var\_onboard\_all\_clusters) | If set to `true`, all public clusters will be onboarded | `bool` | `false` | No |
-| <a name="var_deploy_global_resources"></a> [deploy\_global\_resources](#var\_deploy\_global\_resources) | (Optional) Setting this field to 'true' creates an IAM role that allows Sysdig to pull ECR images | `bool` | `false` | no |
+| <a name="role_name"></a> [role_name](#role\_name) | (Required) IAM role that Sysdig will assume to access the EKS clusters | `string` | N/A | Yes |
+| <a name="var_clusters"></a> [clusters](#var\_clusters) | (Optional) To only scan some public clusters, enter their names here. Please note that only clusters with authentication mode set to API or API_AND_CONFIG_MAP will be onboarded. | `set(string)` | Empty list | No |
+| <a name="var_onboard_all_clusters"></a> [onboard_all_clusters](#var\_onboard\_all\_clusters) | (Optional) Set the value to true to ensure Sysdig scans all public clusters. Please note that only clusters with authentication mode set to API or API_AND_CONFIG_MAP will be onboarded. | `bool` | `false` | No |
+| <a name="var_deploy_global_resources"></a> [deploy\_global\_resources](#var\_deploy\_global\_resources) | (Optional) Setting this field to 'true' creates an IAM role that allows Sysdig to pull ECR images in order to scan them. | `bool` | `false` | no |
 | <a name="var_external_id"></a> [external\_id](#var\_external\_id) | (Optional) This value should be provided by Sysdig. External ID is optional information that you can use in an IAM role trust policy to designate who in Sysdig can assume the role | `string` | | yes |
 | <a name="var_name"></a> [name](#var\_name) | (Optional) This value should be provided by Sysdig. The field refers to an installation name, which will also be used to name the IAM role that grants access to pull ECR images | `string` | | no |
 | <a name="var_tags"></a> [tags](#var\_tags) | (Optional) This value should be provided by Sysdig. Tags that will be associated with the IAM role. | `map(string)` | <pre>{ "product": "sysdig-secure-for-cloud" }</pre> | no |

diff --git a/modules/services/eks/variables.tf b/modules/services/eks/variables.tf
@@ -5,20 +5,20 @@ variable "role_name" {
 }
 
 variable "onboard_all_clusters" {
-  description = "(Optional) Set the value to true if all public clusters (API and API_AND_CONFIG_MAP-type clusters) should be scanned by Sysdig. Only the clusters having authentication mode set to either API or API_AND_CONFIG_MAP will be onboarded."
+  description = "(Optional) Set the value to true to ensure Sysdig scans all public clusters. Please note that only clusters with authentication mode set to API or API_AND_CONFIG_MAP will be onboarded."
   type        = bool
   default     = false
 }
 
 variable "clusters" {
-  description = "(Optional) Please list the clusters to be scanned by Sysdig (when 'onboard_all_clusters' is set to false, only the clusters specified here will be scanned). The clusters must have authentication mode set to either API or API_AND_CONFIG_MAP to be onboarded."
+  description = "(Optional) To only scan some public clusters, enter their names here. Please note that only clusters with authentication mode set to API or API_AND_CONFIG_MAP will be onboarded."
   type        = set(string)
   default     = []
 }
 
 // Values required to create the ECR role
 variable "deploy_global_resources" {
-  description = "(Optional) Setting this field to 'true' creates an IAM role that allows Sysdig to pull ECR images."
+  description = "(Optional) Setting this field to 'true' creates an IAM role that allows Sysdig to pull ECR images in order to scan them."
   type        = bool
   default     = false
 }