Merge pull request #62 from aws-samples/bug/correct-typos

Correct typos and align instructions with other solutions

Author: andywick-aws

solutions/common/register-delegated-administrator/aws-control-tower/manifest-v2.yaml

@@ -9,7 +9,7 @@ resources:
 # Common Register Delegated Administrator Solution
 # -----------------------------------------------------------------------------
   - name: CommonRegisterDelegatedAdmin
-    resource_file: templates/common-register-delegated-admin.yaml
+    resource_file: templates/common-register-delegated-administrator.yaml
     parameters:
       - parameter_key: pDelegatedAdminAccountId
         parameter_value: $[alfred_ssm_/org/member/Audit/account_id]

solutions/config/conformance-pack-org/README.md

@@ -213,9 +213,10 @@ get started and to evaluate your AWS environment, use one of the sample conforma
 #### Pre-requisites
 1. Create AWS Config Conformance Pack Templates S3 Bucket in the Security Tooling Account
    * Create an SSM parameter in the Organization Management Account (Optional)
-   * CloudFormation template to create the S3 bucket - documentation/setup/create-conformance-pack-templates-bucket.yaml
-2. Upload documentation/setup/conformance-pack-templates/aws-control-tower-detective-guardrails.yaml to the AWS Config 
-    Conformance Pack Templates S3 Bucket
+   * [CloudFormation template](./documentation/setup/create-conformance-pack-templates-bucket.yaml) to create the S3 bucket
+2. Upload [aws-control-tower-detective-guardrails.yaml](./documentation/setup/conformance-pack-templates/aws-control-tower-detective-guardrails.yaml) 
+   or [Operational-Best-Practices-for-Encryption-and-Keys.yaml](./documentation/setup/conformance-pack-templates/Operational-Best-Practices-for-Encryption-and-Keys.yaml) 
+   to the AWS Config Conformance Pack Templates S3 Bucket
 
 #### Instructions
 

solutions/firewall-manager/firewall-manager-org/README.md

@@ -290,41 +290,24 @@ the account when the custom resource is deleted via CloudFormation.
 
 ### Instructions
 
-1. Following [AWS Lambda Best Practices](https://docs.aws.amazon.com/lambda/latest/dg/best-practices.html) - 
-    Use the provided packaging script to locally build and package the Lambda function used by the CloudFormation 
-    Custom Resource. Start the process by executing the **package-lambda.sh** in the **/extras/packaging-scripts** 
-    directory. - [Packaging script](../../../extras/packaging-scripts/package-lambda.sh)
-
-   ```bash
-    ./package-lambda.sh \
-     --file_name firewall-manager-org.zip \
-     --bucket lambda-src-s3-bucket \
-     --src_dir ~/aws-security-reference-architecture-examples/solutions/firewall-manager/firewall-manager-org/code/src
+1. Package the Lambda code into a zip file and upload it to the S3 bucket
+   * Package and Upload the Lambda zip file to S3 - [Packaging script](../../../extras/packaging-scripts/package-lambda.sh)
+   ```shell
+    export BUCKET=lambda-zips-CHANGE_ME_ACCOUNT_ID-CHANGE_ME_REGION
+    sh ~/aws-security-reference-architecture-examples/extras/packaging-scripts/package-lambda.sh \
+    --file_name firewall-manager-org-delegate-admin.zip \
+    --bucket $BUCKET \
+    --src_dir ~/aws-security-reference-architecture-examples/solutions/firewall-manager/firewall-manager-org/code/src
    ```
+2. Create a CloudFormation StackSet or Stack within the AWS account using the following templates
+   
+   |     Account     |   StackSet Name   |  Template  |
+   | --------------- | ----------------- | ---------- |
+   | Management | FirewallManagerOrgDelegateAdmin | templates/firewall-manager-org-delegated-admin.yaml |
+   | Security | FirewallManagerOrgSGPolicy | templates/firewall-manager-org-sg-policy.yaml |
+   | Security | FirewallManagerOrgWAFPolicy | templates/firewall-manager-org-waf-policy.yaml |
+   | Security | FirewallManagerOrgDisassociateRole | templates/firewall-manager-org-disassociate-iam-role.yaml |
 
-2. In your Organizational Management Account - deploy the fw-manager-delegated-admin.template. The Template 
-    requires a single parameter: **pDelegatedAdministrationAccountNumber**. Specify the AWS Account Number of the 
-    account that you wish to delegate administration of Firewall Manager to for the parameter. 
-    IMPORTANT - replace the parameter values with the Account Number you wish to delegate FW manager administration to, 
-    the S3 Bucket you uploaded the Lambda Package to, and the name of the lambda package (s3 key) in that bucket.
-
-   ```bash
-    aws cloudformation create-stack \
-          --stack-name firewall-manager-org-delegate-admin \
-          --capabilities CAPABILITY_IAM \
-          --template-body file://firewall-manager-org-delegate-admin.yaml 
-          --parameters \ 
-                ParameterKey=pDelegatedAdminAccountId,ParameterValue=REPLACE-ME-WITH-YOUR-DELEGATED-ACCOUNT-NUMBER \
-                ParameterKey=pLambdaS3BucketName,ParameterValue=REPLACE-ME-WITH-YOUR-LAMBDA-UPLOAD-BUCKET \
-                ParameterKey=pLambdaZipFileName,ParameterValue=REPLACE-ME-WITH-THE-NAME-OF-THE-LAMBDA-ZIP-FILE \
-                ParameterKey=pRoleToAssume,ParameterValue=REPLACE-ME-WITH-THE-ROLE-TO-ASSUME \
-                ParameterKey=pTagKey1,ParameterValue=REPLACE-ME-WITH-THE-TAG-KEY \
-                ParameterKey=pTagValue1,ParameterValue=REPLACE-ME-WITH-THE-TAG-VALUE      
-   ```	
-
-3. Next deploy both the **firewall-manager-org-waf-policy.yaml** and **firewall-manager-org-sg-policy.yaml** in the 
-    AWS Account that you delegated Firewall Manager Administration to in the previous step. Review the templates for 
-    specifics on parameter requirements.
 
 ----