Updated README.md

CHANGELOG.md

@@ -1,3 +1,6 @@
+# 0.13.11 (Aug 08, 2023)
+* Updated `README.md` with application management info.
+
 # 0.13.10 (Jul 25, 2023)
 * Prevent collisions of fargate services when using shared infrastructure.
 

README.md

@@ -3,6 +3,10 @@
 This app module is used to create a long-running service such as an API, Web App, or Background Worker.
 To create a task/job that runs on a schedule or trigger, use Fargate Task.
 
+## When to use
+
+Fargate Service is a great choice for APIs, Web Apps, or Background Workers and you do not want to manage EC2 servers.
+
 ## Security & Compliance
 
 Security scanning is graciously provided by [Bridgecrew](https://bridgecrew.io/).
@@ -18,15 +22,26 @@ Bridgecrew is the leading fully hosted, cloud-native solution providing continuo
 
 ## Platform
 
-This module uses [AWS Fargate](https://docs.aws.amazon.com/AmazonECS/latest/userguide/what-is-fargate.html), which is a technology that allows you to run ECS container applications without managing EC2 boxes (Virtual Machines).
+This module uses [AWS Fargate](https://docs.aws.amazon.com/AmazonECS/latest/userguide/what-is-fargate.html), which is a technology that allows you to run ECS container applications without managing EC2 servers (Virtual Machines).
+
+## Network Access
+
+When the service is provisioned, it is placed into private subnets on the connected network.
+As a result, the Fargate Service can route to services on the private network *and* is accessible on the private network.
+
+## Public Access
+
+To enable public access to the service, add an `Ingress` capability.
+
+In most cases, a `Load Balancer` capability is the best choice for exposing as it enables rollout deployments with no downtime.
+Additionally, a `Load Balancer` allows you to split traffic between more than 1 task based on load.
+
+## Logs
+
+Logs are automatically emitted to AWS Cloudwatch Log Group: `/<task-name>`.
+To access through the Nullstone CLI, use `nullstone logs` CLI command. (See [`logs`](https://docs.nullstone.io/getting-started/cli/docs.html#logs) for more information)
 
-## App Support
+## Secrets
 
-- Environment Variables
-- Secrets
-- Network Access
-- SSH Access
-- Log Providers
-- Load Balancers
-- Sidecars
-- Volumes
+Nullstone automatically injects secrets into your Fargate Service through environment variables.
+(They are stored in AWS Secrets Manager and injected by AWS during launch.)

deployer.tf

@@ -4,6 +4,7 @@
 // This is necessary for us to execute `nullstone deploy` on the CLI
 
 resource "aws_iam_user" "deployer" {
+  #bridgecrew:skip=CKV_AWS_273: Skipping "Ensure access is controlled through SSO and not AWS IAM defined users". SSO is unavailable to configure.
   name = "deployer-${local.resource_name}"
   tags = local.tags
 }

pusher.tf

@@ -1,4 +1,5 @@
 resource "aws_iam_user" "image_pusher" {
+  #bridgecrew:skip=CKV_AWS_273: Skipping "Ensure access is controlled through SSO and not AWS IAM defined users". SSO is unavailable to configure.
   name = "image-pusher-${local.resource_name}"
   tags = local.tags