diff --git a/docs/architecture.md b/docs/architecture.md index 56a512294..8c8cd3f8e 100644 --- a/docs/architecture.md +++ b/docs/architecture.md @@ -3,11 +3,11 @@ Terrascan's architecture is built to be modular to facilitate adding IaC languages and policies. At a high level Terrascan is composed of the following architectural components: a command line interface, API server, runtime, pluggable IaC providers, pluggable policy engine, notifier, and writer. * Command Line Interface = Provides CLI input to Terrascan. -* API Server = Provider input to Terrascan through an API. +* API Server = Provides input to Terrascan through an API. * Runtime = Performs input validation and process inputs * IaC Providers = Converts IaC language into normalized JSON * Policy Engine = Applies policies against normalized JSON -* Notifier = Providers webhooks for results of Terrascan scans. +* Notifier = Provides webhooks for results of Terrascan scans. * Writer = Writes results into various formats like JSON, YAML, or XML. ![Terrascan architecture](terrascan_architecture.png) diff --git a/docs/getting-started/quickstart.md b/docs/getting-started/quickstart.md index 502f2c647..ad39cddcc 100644 --- a/docs/getting-started/quickstart.md +++ b/docs/getting-started/quickstart.md @@ -58,7 +58,7 @@ $ cd KaiMonkey/terraform/aws $ terrascan scan ``` -By default Terrascan will output its findings in human friendy format: +By default Terrascan will output its findings in human friendly format: ``` sh Violation Details - diff --git a/docs/policies.md b/docs/policies.md index 9f7ba3b12..c1254b6ab 100644 --- a/docs/policies.md +++ b/docs/policies.md 
@@ -15,7 +15,7 @@ In a future enhancement, Terrascan will have a better way to ignore individual p ## Adding policies -For each policy there are 2 files required by Terrascan, a rule `.json` file with metada for the policy and a `.opa` [rego](https://www.openpolicyagent.org/docs/latest/policy-language/) file. +For each policy there are 2 files required by Terrascan, a rule `.json` file with metadata for the policy and a `.opa` [rego](https://www.openpolicyagent.org/docs/latest/policy-language/) file for the policy itself. ### Writing an OPA rego policy file The input for the rego policies is the normalized input from the IaC provider. When writing policies you can obtain this as a normalized `.json` by using the `--config-only` flag of the scan command in combination with `-o json`. Let's use this Terraform HCL file for example: diff --git a/docs/policies/aws.md b/docs/policies/aws.md index 2cecfe119..99778f119 100644 --- a/docs/policies/aws.md +++ b/docs/policies/aws.md @@ -256,7 +256,7 @@ ### aws_redshift_cluster | Category | Resource | Severity | Description | Reference ID | | -------- | -------- | -------- | ----------- | ------------ | -| Network Security | Redshift | HIGH | Ensure Redshift clusters are not publicly accessible to minimise security risks. | AWS.Redshift.NetworkSecurity.HIGH.0564 | +| Network Security | Redshift | HIGH | Ensure Redshift clusters are not publicly accessible to minimize security risks. | AWS.Redshift.NetworkSecurity.HIGH.0564 | | Logging | Redshift | MEDIUM | Ensure audit logging is enabled for Redshift clusters for security and troubleshooting purposes. | AWS.Redshift.Logging.Medium.0565 | | Encryption and Key Management | Redshift | HIGH | Use customer-managed KMS keys instead of AWS-managed keys, to have granular control over encrypting and encrypting data. Encrypt Redshift clusters with a Customer-managed KMS key. This is a recommended best practice. | AWS.Redshift.EncryptionandKeyManagement.High.0415 |
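Review bot: in the docs/architecture.md hunk, the unchanged Runtime bullet that sits between the two corrected lines still reads "Performs input validation and process inputs" and has no closing period, so the list remains inconsistent after this fix. Suggest correcting it in the same commit to "* Runtime = Performs input validation and processes inputs." and ending the IaC Providers and Policy Engine bullets with a period as well, to match the other entries.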
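Review bot: in the docs/getting-started/quickstart.md hunk, the corrected line still lacks an article and a hyphen in "in human friendly format". Suggest "By default Terrascan will output its findings in a human-friendly format:" while the line is being touched.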
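Review bot: in the docs/policies.md hunk, the rewritten sentence still introduces its two-item list with a comma and writes the count as a digit, which makes the sentence hard to parse now that "for the policy itself" has been appended. Suggest "For each policy Terrascan requires two files: a rule `.json` file with metadata for the policy, and a `.opa` rego file for the policy itself." with the existing rego link kept.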
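Review bot: in the docs/policies/aws.md hunk, the unchanged Encryption and Key Management row just below the corrected line says "granular control over encrypting and encrypting data", which repeats the same word and was presumably meant to read "encrypting and decrypting data"; worth fixing in this typo pass. The three Reference IDs in the visible rows also spell the severity segment differently (HIGH, Medium, High); if those IDs are matched as literal strings anywhere, leave them alone, otherwise note the inconsistency for a follow-up.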