sysdiglabs · wideawakening · Jan 5, 2023 · Jan 5, 2023 · Jan 5, 2023 · Jan 5, 2023
@@ -44,6 +44,10 @@ Current examples were developed for simple use-case scenarios.
 If not Terraform nor Cloudformation suits, take a look at the `manual-*` prefixed use-cases.
 
 
+
+For [all-feature installation](https://docs.sysdig.com/en/docs/sysdig-secure/sysdig-secure-for-cloud/#features), check
+
+
 |                   | `/examples/single-*`                                               | `/examples/organizational-*` |
 | --| -- | -- |
 | Deployment Type   | all Sysdig resources will be deployed within the selected account | Most Sysdig resources will be deployed within the selected account (just one), but some features, require resources to be deployed on all of the member-accounts (for Compliance and Image Scanning) . <br />One role is needed on the management account for cloudtrail-s3 event access |
@@ -53,3 +57,11 @@ If not Terraform nor Cloudformation suits, take a look at the `manual-*` prefixe
 | More Info | [single-ecs](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/tree/master/examples/single-account-ecs), [single-apprunner](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/tree/master/examples/single-account-apprunner), [single-k8s](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/tree/master/examples/single-account-k8s) | [organizational](https://github.com/sysdiglabs/terraform-aws-secure-for-cloud/tree/master/examples/organizational) |
 
 With both examples `single` and `org`, you can customize the desired features to de deployed with the `deploy_*` input vars to avoid deploying more than wanted.
+
+<br/>
+
+If you just want [CIS Unified Compliance Benchmarks](https://docs.sysdig.com/en/docs/sysdig-secure/posture/compliance/compliance-unified-/) 
+you can make use of 
+
+- [Single-Account Compliance Role Setup](./compliance-role-single-account.md)
+- [Organizational Compliance Role setup](./compliance-role-organizational.md)
@@ -1,19 +1,10 @@
-# SingleAccount-CIS Benchmarks
+# Organizational - CIS Unified Compliance
 
 ## Use-Case explanation
 
-Simple single-account setu in order to get CIS Benchmark
+Organizational setup, in order to get [CIS Unified Compliance Benchmarks](https://docs.sysdig.com/en/docs/sysdig-secure/posture/compliance/compliance-unified-/)
 
-**Client Setup**
-
-- [X] single-account setup
-- [ ] pre-existing resources
-
-**Sysdig Secure For Cloud Features**
-
-- [X] A part of Compliance, only CIS Benchmarks
-
-## Suggested setup
+## Setup
 
 ```terraform
 terraform {
@@ -35,6 +26,8 @@ provider "aws" {
 
 module "sysdig-sfc" {
   source = "sysdiglabs/secure-for-cloud/aws//module/services/cloud-bench"
-  name    = "TEST-NAME-cloudbench"  # optional
+  name    = "sysdig-compliance-role"  # optional
+
+  is_organizational=true
 }
 ```
@@ -0,0 +1,31 @@
+# Single Account - CIS Unified Compliance
+
+## Use-Case explanation
+
+AWS single-account setup, in order to get [CIS Unified Compliance Benchmarks](https://docs.sysdig.com/en/docs/sysdig-secure/posture/compliance/compliance-unified-/)
+
+## Setup
+
+```terraform
+terraform {
+  required_providers {
+    sysdig = {
+      source  = "sysdiglabs/sysdig"
+    }
+  }
+}
+
+provider "sysdig" {
+  sysdig_secure_url        = "<SYSDIG_SECURE_URL>"
+  sysdig_secure_api_token  = "<SYSDIG_SECURE_API_TOKEN>"
+}
+
+provider "aws" {
+  region = "<AWS_REGION>"
+}
+
+module "sysdig-sfc" {
+  source = "sysdiglabs/secure-for-cloud/aws//module/services/cloud-bench"
+  name    = "sysdig-compliance-role"  # optional
+}
+```