From ac5212990a6bb8ca73b5ff2851756fc219e0b7aa Mon Sep 17 00:00:00 2001 From: Julio Delgado Jr Date: Sun, 3 May 2020 11:42:56 -0400 Subject: [PATCH] Updated Patterns,Descriptions,Defaults,Tags --- util/org-multi-account/ProwlerRole.yaml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/util/org-multi-account/ProwlerRole.yaml b/util/org-multi-account/ProwlerRole.yaml index f640b5ad..544cf1cd 100644 --- a/util/org-multi-account/ProwlerRole.yaml +++ b/util/org-multi-account/ProwlerRole.yaml 
@@ -21,28 +21,36 @@ Metadata: Parameters: ProwlerS3: Type: String - Description: Enter S3 Bucket for Prowler Reports - Default: prowler-417425889548-us-east-1 + Description: Enter S3 Bucket for Prowler Reports. prefix-awsaccount-awsregion + AllowedPattern: ^[a-z0-9][a-z0-9-]{1,61}[a-z0-9]$ + Default: prowler-123456789012-us-east-1 ProwlerEc2Account: Type: String Description: Enter AWS Account Number where Prowler EC2 Instance will reside. AllowedPattern: ^\d{12}$ ConstraintDescription: An AWS Account Number must be a 12 digit numeric string. - Default: 544425379660 ProwlerEc2Role: Type: String Description: Enter Instance Role that will be given to the Prowler EC2 Instance (needed to grant sts:AssumeRole rights). + AllowedPattern: ^[\w+=,.@-]{1,64}$ + ConstraintDescription: Max 64 alphanumeric characters. Also special characters supported [+, =, ., @, -] Default: ProwlerEC2-Role ProwlerCrossAccountRole: Type: String - Description: Enter Name for CrossAccount Role to be created for Prowler tto assess AWS Accounts in the AWS Organization. + Description: Enter Name for CrossAccount Role to be created for Prowler to assess all Accounts in the AWS Organization. + AllowedPattern: ^[\w+=,.@-]{1,64}$ + ConstraintDescription: Max 64 alphanumeric characters. Also special characters supported [+, =, ., @, -] Default: ProwlerXA-Role Resources: ProwlerRole: Type: AWS::IAM::Role Properties: + Description: Provides Prowler EC2 instance permissions to assess security of Accounts in AWS Organization RoleName: !Ref ProwlerCrossAccountRole + Tags: + - Key: App + Value: Prowler AssumeRolePolicyDocument: Version: 2012-10-17 Statement:
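Review bot: ProwlerS3 still carries a Default (prowler-123456789012-us-east-1) that passes the new AllowedPattern, so a stack launched with defaults validates and points at a placeholder bucket name instead of failing. This hunk already drops the Default from ProwlerEc2Account; drop it from ProwlerS3 as well so the deployer has to supply their own bucket. ProwlerS3 also gets an AllowedPattern with no ConstraintDescription, unlike the other three parameters, so a rejected value is reported without a readable explanation. Add one that states the rule the regex enforces (3 to 63 characters, lowercase letters, digits and hyphens, starting and ending with a letter or digit) and mention that dots are not accepted. In ProwlerEc2Role and ProwlerCrossAccountRole the ConstraintDescription lists [+, =, ., @, -], while the pattern ^[\w+=,.@-]{1,64}$ also accepts underscore (via \w) and comma, which are not clearly listed; name both so the message matches what is enforced.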