Sync aws Terraform module documentation to pan.dev #610

Open: wants to merge 1 commit into base: master
Expand Up @@ -103,8 +103,6 @@ Use a web browser to access https://x.x.x.x and login with admin and your previo
| [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
| [aws_caller_identity.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_ebs_default_kms_key.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ebs_default_kms_key) | data source |
| [aws_kms_alias.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_alias) | data source |
| [aws_partition.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |

### Inputs
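Review bot: Two rows disappear from the Resources table in this hunk (the header goes from 8 lines to 6), but the rendered view does not mark which ones, so please confirm the removed rows in the commit itself. If the removed entries are the `aws_ebs_default_kms_key.this` or `aws_kms_alias.this` data sources, the `panoramas` input below still declares `kms_key_alias = string` and describes it as "KMS key alias used for encrypting Panorama EBS", so the Resources table and the input documentation should be regenerated from the same module revision to keep them consistent.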
Expand All @@ -113,7 +111,7 @@ Use a web browser to access https://x.x.x.x and login with admin and your previo
|------|-------------|------|---------|:--------:|
| <a name="input_global_tags"></a> [global\_tags](#input\_global\_tags) | Global tags configured for all provisioned resources | `map(any)` | `{}` | no |
| <a name="input_name_prefix"></a> [name\_prefix](#input\_name\_prefix) | Prefix used in names for the resources (VPCs, EC2 instances, autoscaling groups etc.) | `string` | `""` | no |
| <a name="input_panoramas"></a> [panoramas](#input\_panoramas) | A map defining Panorama instances<br /><br />Following properties are available:<br />- `instances`: map of Panorama instances with attributes:<br /> - `az`: name of the Availability Zone<br /> - `private_ip_address`: private IP address for management interface<br />- `panos_version`: PAN-OS version used for Panorama<br />- `network`: definition of network settings in object with attributes:<br /> - `vpc`: name of the VPC (needs to be one of the keys in map `vpcs`)<br /> - `vpc_subnet`: key of the VPC and subnet connected by '-' character<br /> - `security_group`: security group assigned to ENI used by Panorama<br /> - `create_public_ip`: true, if public IP address for management should be created<br />- `ebs`: EBS settings defined in object with attributes:<br /> - `volumes`: list of EBS volumes attached to each instance<br /> - `kms_key_alias`: KMS key alias used for encrypting Panorama EBS<br />- `iam`: IAM settings in object with attrbiutes:<br /> - `create_role`: enable creation of IAM role<br /> - `role_name`: name of the role to create or use existing one<br />- `enable_imdsv2`: whether to enable IMDSv2 on the EC2 instance<br /><br />Example:<pre>{<br /> panorama\_ha\_pair = {<br /> instances = {<br /> "primary" = {<br /> az = "eu-central-1a"<br /> private\_ip\_address = "10.255.0.4"<br /> }<br /> "secondary" = {<br /> az = "eu-central-1b"<br /> private\_ip\_address = "10.255.1.4"<br /> }<br /> }<br /><br /> panos\_version = "10.2.3"<br /><br /> network = {<br /> vpc = "management\_vpc"<br /> vpc\_subnet = "management\_vpc-mgmt"<br /> security\_group = "panorama\_mgmt"<br /> create\_public\_ip = true<br /> }<br /><br /> ebs = {<br /> volumes = [<br /> {<br /> name = "ebs-1"<br /> ebs\_device\_name = "/dev/sdb"<br /> ebs\_size = "2000"<br /> ebs\_encrypted = true<br /> },<br /> {<br /> name = "ebs-2"<br /> ebs\_device\_name = "/dev/sdc"<br /> ebs\_size = "2000"<br /> ebs\_encrypted = true<br /> 
}<br /> ]<br /> kms\_key\_alias = "aws/ebs"<br /> }<br /><br /> iam = {<br /> create\_role = true<br /> role\_name = "panorama"<br /> }<br /><br /> enable\_imdsv2 = false<br /> }<br />}</pre> | <pre>map(object({<br /> instances = map(object({<br /> az = string<br /> private\_ip\_address = string<br /> }))<br /><br /> panos\_version = string<br /><br /> network = object({<br /> vpc = string<br /> vpc\_subnet = string<br /> security\_group = string<br /> create\_public\_ip = bool<br /> })<br /><br /> ebs = object({<br /> volumes = list(object({<br /> name = string<br /> ebs\_device\_name = string<br /> ebs\_size = string<br /> ebs\_encrypted = bool<br /> }))<br /> kms\_key\_alias = string<br /> })<br /><br /> iam = object({<br /> create\_role = bool<br /> role\_name = string<br /> })<br /><br /> enable\_imdsv2 = bool<br /> }))</pre> | `{}` | no |
| <a name="input_panoramas"></a> [panoramas](#input\_panoramas) | A map defining Panorama instances<br /><br />Following properties are available:<br />- `instances`: map of Panorama instances with attributes:<br /> - `az`: name of the Availability Zone<br /> - `private_ip_address`: private IP address for management interface<br />- `panos_version`: PAN-OS version used for Panorama<br />- `network`: definition of network settings in object with attributes:<br /> - `vpc`: name of the VPC (needs to be one of the keys in map `vpcs`)<br /> - `vpc_subnet`: key of the VPC and subnet connected by '-' character<br /> - `security_group`: security group assigned to ENI used by Panorama<br /> - `create_public_ip`: true, if public IP address for management should be created<br />- `ebs`: EBS settings defined in object with attributes:<br /> - `volumes`: list of EBS volumes attached to each instance<br /> - `kms_key_alias`: KMS key alias used for encrypting Panorama EBS<br />- `iam`: IAM settings in object with attrbiutes:<br /> - `create_role`: enable creation of IAM role<br /> - `role_name`: name of the role to create or use existing one<br />- `enable_imdsv2`: whether to enable IMDSv2 on the EC2 instance<br /><br />Example:<pre>{<br /> panorama\_ha\_pair = {<br /> instances = {<br /> "primary" = {<br /> az = "eu-central-1a"<br /> private\_ip\_address = "10.255.0.4"<br /> }<br /> "secondary" = {<br /> az = "eu-central-1b"<br /> private\_ip\_address = "10.255.1.4"<br /> }<br /> }<br /><br /> panos\_version = "10.2.3"<br /><br /> network = {<br /> vpc = "management\_vpc"<br /> vpc\_subnet = "management\_vpc-mgmt"<br /> security\_group = "panorama\_mgmt"<br /> create\_public\_ip = true<br /> }<br /><br /> ebs = {<br /> volumes = [<br /> {<br /> name = "ebs-1"<br /> ebs\_device\_name = "/dev/sdb"<br /> ebs\_size = "2000"<br /> ebs\_encrypted = true<br /> },<br /> {<br /> name = "ebs-2"<br /> ebs\_device\_name = "/dev/sdc"<br /> ebs\_size = "2000"<br /> ebs\_encrypted = true<br /> 
}<br /> ]<br /> kms\_key\_alias = "aws/ebs"<br /> }<br /><br /> iam = {<br /> create\_role = true<br /> role\_name = "panorama"<br /> }<br /><br /> enable\_imdsv2 = false<br /> }<br />}</pre> | <pre>map(object({<br /> instances = map(object({<br /> az = string<br /> private\_ip\_address = string<br /> }))<br /><br /> panos\_version = string<br /><br /> network = object({<br /> vpc = string<br /> vpc\_subnet = string<br /> security\_group = string<br /> create\_public\_ip = bool<br /> })<br /><br /> ebs = object({<br /> volumes = list(object({<br /> name = string<br /> ebs\_device\_name = string<br /> ebs\_size = string<br /> }))<br /> encrypted = bool<br /> kms\_key\_alias = string<br /> })<br /><br /> iam = object({<br /> create\_role = bool<br /> role\_name = string<br /> })<br /><br /> enable\_imdsv2 = bool<br /> }))</pre> | `{}` | no |
| <a name="input_region"></a> [region](#input\_region) | AWS region used to deploy whole infrastructure | `string` | n/a | yes |
| <a name="input_ssh_key_name"></a> [ssh\_key\_name](#input\_ssh\_key\_name) | Name of the SSH key pair existing in AWS key pairs and used to authenticate to VM-Series or test boxes | `string` | n/a | yes |
| <a name="input_vpcs"></a> [vpcs](#input\_vpcs) | A map defining VPCs with security groups and subnets.<br /><br />Following properties are available:<br />- `name`: VPC name<br />- `cidr`: CIDR for VPC<br />- `security_groups`: map of security groups<br />- `subnets`: map of subnets with properties:<br /> - `az`: availability zone<br /> - `set`: internal identifier referenced by main.tf<br />- `routes`: map of routes with properties:<br /> - `vpc_subnet`: built from key of VPCs concatenate with `-` and key of subnet in format: `VPCKEY-SUBNETKEY`<br /> - `to_cidr`: destination IP range<br /> - `next_hop_key`: must match keys use to create TGW attachment, IGW, GWLB endpoint or other resources<br /> - `next_hop_type`: internet\_gateway, nat\_gateway, transit\_gateway\_attachment or gwlbe\_endpoint<br /><br />Example:<pre>{<br /> security\_vpc = {<br /> name = "security-vpc"<br /> cidr = "10.100.0.0/16"<br /> security\_groups = {<br /> panorama\_mgmt = {<br /> name = "panorama\_mgmt"<br /> rules = {<br /> all\_outbound = {<br /> description = "Permit All traffic outbound"<br /> type = "egress", from\_port = "0", to\_port = "0", protocol = "-1"<br /> cidr\_blocks = ["0.0.0.0/0"]<br /> }<br /> https = {<br /> description = "Permit HTTPS"<br /> type = "ingress", from\_port = "443", to\_port = "443", protocol = "tcp"<br /> cidr\_blocks = ["130.41.247.0/24"]<br /> }<br /> ssh = {<br /> description = "Permit SSH"<br /> type = "ingress", from\_port = "22", to\_port = "22", protocol = "tcp"<br /> cidr\_blocks = ["130.41.247.0/24"]<br /> }<br /> }<br /> }<br /> }<br /> subnets = {<br /> "10.100.0.0/24" = { az = "eu-central-1a", set = "mgmt" }<br /> "10.100.64.0/24" = { az = "eu-central-1b", set = "mgmt" }<br /> }<br /> routes = {<br /> mgmt\_default = {<br /> vpc\_subnet = "security\_vpc-mgmt"<br /> to\_cidr = "0.0.0.0/0"<br /> next\_hop\_key = "security\_vpc"<br /> next\_hop\_type = "internet\_gateway"<br /> }<br /> }<br /> }<br />}</pre> | <pre>map(object({<br /> name = 
string<br /> cidr = string<br /> security\_groups = any<br /> subnets = map(object({<br /> az = string<br /> set = string<br /> }))<br /> routes = map(object({<br /> vpc\_subnet = string<br /> to\_cidr = string<br /> next\_hop\_key = string<br /> next\_hop\_type = string<br /> }))<br /> }))</pre> | `{}` | no |
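Review bot: The new `panoramas` type moves the encryption flag from the per-volume `ebs_encrypted = bool` to a single `encrypted = bool` on the `ebs` object, but the Example block and the property list were not updated to match: the example still sets `ebs_encrypted = true` on each volume and never sets `ebs.encrypted`, and the bullet list under `ebs` still only mentions `volumes` and `kms_key_alias`. Because `encrypted` is declared without `optional()`, a value copied from the example would fail variable validation with a missing required attribute, and the `ebs_encrypted` entries would be silently dropped, so a user could end up with an unencrypted Panorama EBS volume while believing they had enabled encryption. Suggest updating the example to `ebs = { volumes = [ ... ], encrypted = true, kms_key_alias = "aws/ebs" }` and adding `- \`encrypted\`: whether EBS volumes are encrypted` to the property list; since this page is a sync of generated docs, the fix belongs in the module's `variables.tf` description before regenerating. The same description also carries a typo (`attrbiutes`).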