blueimp
diff --git a/‎README.md
+13-10 b/‎README.md
+13-10
diff --git a/‎authorize-ip/README.md
+29-22 b/‎authorize-ip/README.md
+29-22
diff --git a/‎bucket-owner-full-control/README.md
+23-20 b/‎bucket-owner-full-control/README.md
+23-20
diff --git a/‎cloudfront-forwarded-host/README.md
+18-15 b/‎cloudfront-forwarded-host/README.md
+18-15
diff --git a/‎cloudfront-security-headers/README.md
+18-15 b/‎cloudfront-security-headers/README.md
+18-15
@@ -1,17 +1,20 @@
 # AWS Lambda
+
 A collection of functions for [AWS Lambda](https://aws.amazon.com/lambda/).
 
 ## Functions
-* [Authorize the client IP for an EC2 security group](authorize-ip)
-* [Return authorized keys for EC2 SSH access](ssh-authorized-keys)
-* [Grant bucket owner full control over an S3 object](bucket-owner-full-control)
-* [CloudWatch alarm notifications to Slack](cloudwatch-alarm-to-slack)
-* [CloudWatch Events to BuildKite](cloudwatch-events-to-buildkite)
-* [CloudWatch Logs to Elastic Cloud](cloudwatch-logs-to-elastic-cloud)
-* [Elastic Beanstalk events to Slack](elastic-beanstalk-events-to-slack)
-* [Subdomain or parent domain redirect](subdomain-redirect)
-* [Security headers for CloudFront](cloudfront-security-headers)
-* [Host header as X-Forwarded-Host for CloudFront](cloudfront-forwarded-host)
+
+- [Authorize the client IP for an EC2 security group](authorize-ip)
+- [Return authorized keys for EC2 SSH access](ssh-authorized-keys)
+- [Grant bucket owner full control over an S3 object](bucket-owner-full-control)
+- [CloudWatch alarm notifications to Slack](cloudwatch-alarm-to-slack)
+- [CloudWatch Events to BuildKite](cloudwatch-events-to-buildkite)
+- [CloudWatch Logs to Elastic Cloud](cloudwatch-logs-to-elastic-cloud)
+- [Elastic Beanstalk events to Slack](elastic-beanstalk-events-to-slack)
+- [Subdomain or parent domain redirect](subdomain-redirect)
+- [Security headers for CloudFront](cloudfront-security-headers)
+- [Host header as X-Forwarded-Host for CloudFront](cloudfront-forwarded-host)
 
 ## License
+
 Released under the [MIT license](https://opensource.org/licenses/MIT).
@@ -1,11 +1,13 @@
 # authorize-ip
-[AWS Lambda](https://aws.amazon.com/lambda/) function to authorize the
-client IP for an EC2 security group.  
+
+[AWS Lambda](https://aws.amazon.com/lambda/) function to authorize the client IP
+for an EC2 security group.  
 Meant to be used with [Amazon API Gateway](https://aws.amazon.com/api-gateway/).
 
 ## Setup
 
 ### IAM role creation
+
 Create a new [IAM](https://aws.amazon.com/iam/) role with the name
 `aws-lambda-authorize-ip-role`. Select the AWS Lambda role type and attach the
 managed policy `AWSLambdaBasicExecutionRole`.  
@@ -33,40 +35,43 @@ Attach an additional inline policy with the following content, replacing
 }
 ```
 
-**Notice:**  
+**Notice:**
+
 > The `ec2:DescribeSecurityGroups` action currently does not support
 > [resource-level permissions](http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ec2-api-permissions.html);
-> therefore, the `*` wildcard is used for the Resource element in the
-> statement.
+> therefore, the `*` wildcard is used for the Resource element in the statement.
 
 ### Function configuration
-Add the function code to AWS Lambda with the following configuration options:  
 
-Key     | Value
---------|--------------
-Runtime | Node.js 10.x
-Handler | index.handler
-Role    | aws-lambda-authorize-ip-role
-Memory  | 128 (MB)
-Timeout | 3 sec
+Add the function code to AWS Lambda with the following configuration options:
+
+| Key     | Value                        |
+| ------- | ---------------------------- |
+| Runtime | Node.js 10.x                 |
+| Handler | index.handler                |
+| Role    | aws-lambda-authorize-ip-role |
+| Memory  | 128 (MB)                     |
+| Timeout | 3 sec                        |
 
 ### Environment variables
+
 Set the following required environment variables for the Lambda function:
 
-Key      | Value
----------|--------------
-groupid  | The ID of the security group, e.g. ``"sg-xxxxxxxx"``.
+| Key     | Value                                               |
+| ------- | --------------------------------------------------- |
+| groupid | The ID of the security group, e.g. `"sg-xxxxxxxx"`. |
 
 Set the following optional environment variables for the Lambda function:
 
-Key          | Value
--------------|--------------
-protocol     | The protocol to authorize, defaults to ``"tcp"``.
-port         | The port to authorize, defaults to `22` (SSH).
-description  | Description for the inbound rule, defaults to `"authorize-ip"`.
-keepipranges | Comma-separated IP ranges to exclude from cleanup.
+| Key          | Value                                                           |
+| ------------ | --------------------------------------------------------------- |
+| protocol     | The protocol to authorize, defaults to `"tcp"`.                 |
+| port         | The port to authorize, defaults to `22` (SSH).                  |
+| description  | Description for the inbound rule, defaults to `"authorize-ip"`. |
+| keepipranges | Comma-separated IP ranges to exclude from cleanup.              |
 
 ### Trigger configuration
+
 Add an `API Gateway` trigger.  
 This endpoint can then be used to authorize the IP of the requesting client.  
 [test-event.json](test-event.json) contains a sample API Gateway event.
@@ -77,7 +82,9 @@ trigger with a cron expression, e.g. `cron(0 3 * * ? *)` to run at 03:00 am
 [test-event2.json](test-event2.json) contains sample Cloudwatch Event data.
 
 ## License
+
 Released under the [MIT license](https://opensource.org/licenses/MIT).
 
 ## Author
+
 [Sebastian Tschan](https://blueimp.net/)
@@ -1,10 +1,12 @@
 # bucket-owner-full-control
+
 [AWS Lambda](https://aws.amazon.com/lambda/) function to grant the bucket owner
 full control over an S3 object.
 
 ## Setup
 
 ### Prerequisites
+
 This setup assumes two AWS accounts. The main account (`Account A`) grants
 another account (`Account B`) access to an S3 bucket via
 [bucket policy](http://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html),
@@ -19,10 +21,7 @@ e.g. the following:
         "AWS": "arn:aws:iam::ACCOUNT_ID:root"
       },
       "Action": "s3:*",
-      "Resource": [
-        "arn:aws:s3:::BUCKET_NAME",
-        "arn:aws:s3:::BUCKET_NAME/*"
-      ]
+      "Resource": ["arn:aws:s3:::BUCKET_NAME", "arn:aws:s3:::BUCKET_NAME/*"]
     }
   ]
 }
@@ -43,10 +42,7 @@ A sample bucket policy with this restriction would be the following:
         "AWS": "arn:aws:iam::ACCOUNT_ID:root"
       },
       "Action": "s3:*",
-      "Resource": [
-        "arn:aws:s3:::BUCKET_NAME",
-        "arn:aws:s3:::BUCKET_NAME/*"
-      ]
+      "Resource": ["arn:aws:s3:::BUCKET_NAME", "arn:aws:s3:::BUCKET_NAME/*"]
     },
     {
       "Effect": "Deny",
@@ -65,7 +61,8 @@ A sample bucket policy with this restriction would be the following:
 }
 ```
 
-A sample [s3 put-object](http://docs.aws.amazon.com/cli/latest/reference/s3api/put-object.html)
+A sample
+[s3 put-object](http://docs.aws.amazon.com/cli/latest/reference/s3api/put-object.html)
 command with the required `bucket-owner-full-control` ACL as argument:
 
 ```sh
@@ -81,6 +78,7 @@ application like [Cyberduck](https://cyberduck.io/), this Lambda function comes
 in handy.
 
 ### IAM roles creation
+
 In `Account B`, create a new cross-account [IAM](https://aws.amazon.com/iam/)
 role. Fill in the account ID of `Account A` as account that can use this role.
 As role name, choose `bucket-owner-full-control-role`.
@@ -127,29 +125,34 @@ After creating the role, attach the following inline policy, replacing
 ```
 
 ### Function configuration
-Add the function code to AWS Lambda with the following configuration options:  
 
-Key     | Value
---------|--------------
-Runtime | Node.js 10.x
-Handler | index.handler
-Role    | aws-lambda-bucket-owner-role
-Memory  | 128 (MB)
-Timeout | 3 sec
+Add the function code to AWS Lambda with the following configuration options:
+
+| Key     | Value                        |
+| ------- | ---------------------------- |
+| Runtime | Node.js 10.x                 |
+| Handler | index.handler                |
+| Role    | aws-lambda-bucket-owner-role |
+| Memory  | 128 (MB)                     |
+| Timeout | 3 sec                        |
 
 ### Environment variables
+
 Set the following required environment variable for the Lambda function:
 
-Key     | Value
---------|--------------
-rolearn | The ARN of the `bucket-owner-full-control-role` of `Account B`.
+| Key     | Value                                                           |
+| ------- | --------------------------------------------------------------- |
+| rolearn | The ARN of the `bucket-owner-full-control-role` of `Account B`. |
 
 ### Trigger configuration
+
 Add an `S3` trigger for your bucket with the `PUT` event type.  
 [test-event.json](test-event.json) contains a sample S3 PUT event.
 
 ## License
+
 Released under the [MIT license](https://opensource.org/licenses/MIT).
 
 ## Author
+
 [Sebastian Tschan](https://blueimp.net/)
@@ -1,11 +1,13 @@
 # cloudfront-forwarded-host
+
 [AWS Lambda@Edge](https://aws.amazon.com/lambda/edge/) function to forward the
 `Host` header as `X-Forwarded-Host` to a
 [CloudFront](https://aws.amazon.com/cloudfront/) origin.
 
 ## Setup
 
 ### IAM role creation
+
 Create a new [IAM](https://aws.amazon.com/iam/) role with the name
 `aws-lambda-edge-execution-role` and the following trust relationship:
 
@@ -16,10 +18,7 @@ Create a new [IAM](https://aws.amazon.com/iam/) role with the name
     {
       "Effect": "Allow",
       "Principal": {
-        "Service": [
-          "lambda.amazonaws.com",
-          "edgelambda.amazonaws.com"
-        ]
+        "Service": ["lambda.amazonaws.com", "edgelambda.amazonaws.com"]
       },
       "Action": "sts:AssumeRole"
     }
@@ -28,28 +27,32 @@ Create a new [IAM](https://aws.amazon.com/iam/) role with the name
 ```
 
 ### Function configuration
+
 Add the function code to AWS Lambda in the `US East (N. Virginia)` region with
-the following configuration options:  
+the following configuration options:
 
-Key     | Value
---------|--------------
-Runtime | Node.js 10.x
-Handler | index.handler
-Role    | aws-lambda-edge-execution-role
-Memory  | 128 (MB)
-Timeout | 1 sec
+| Key     | Value                          |
+| ------- | ------------------------------ |
+| Runtime | Node.js 10.x                   |
+| Handler | index.handler                  |
+| Role    | aws-lambda-edge-execution-role |
+| Memory  | 128 (MB)                       |
+| Timeout | 1 sec                          |
 
 Next publish a version of the function and copy its
 [Lambda Function ARN](http://docs.aws.amazon.com/lambda/latest/dg/versioning-intro.html).
 
 ### CloudFront configuration
-In the behavior settings of the CloudFront distribution, add a new
-**Lambda Function Association** with the **Event Type** `Viewer Request` and
-the **Lambda Function ARN** copied from the function configuration.  
+
+In the behavior settings of the CloudFront distribution, add a new **Lambda
+Function Association** with the **Event Type** `Viewer Request` and the **Lambda
+Function ARN** copied from the function configuration.  
 Save your edits and wait until the new settings have been deployed.
 
 ## License
+
 Released under the [MIT license](https://opensource.org/licenses/MIT).
 
 ## Author
+
 [Sebastian Tschan](https://blueimp.net/)
@@ -1,11 +1,13 @@
 # cloudfront-security-headers
+
 [AWS Lambda@Edge](https://aws.amazon.com/lambda/edge/) function to add common
 security headers for static content served via
 [CloudFront](https://aws.amazon.com/cloudfront/).
 
 ## Setup
 
 ### IAM role creation
+
 Create a new [IAM](https://aws.amazon.com/iam/) role with the name
 `aws-lambda-edge-execution-role` and the following trust relationship:
 
@@ -16,10 +18,7 @@ Create a new [IAM](https://aws.amazon.com/iam/) role with the name
     {
       "Effect": "Allow",
       "Principal": {
-        "Service": [
-          "lambda.amazonaws.com",
-          "edgelambda.amazonaws.com"
-        ]
+        "Service": ["lambda.amazonaws.com", "edgelambda.amazonaws.com"]
       },
       "Action": "sts:AssumeRole"
     }
@@ -28,28 +27,32 @@ Create a new [IAM](https://aws.amazon.com/iam/) role with the name
 ```
 
 ### Function configuration
+
 Add the function code to AWS Lambda in the `US East (N. Virginia)` region with
-the following configuration options:  
+the following configuration options:
 
-Key     | Value
---------|--------------
-Runtime | Node.js 10.x
-Handler | index.handler
-Role    | aws-lambda-edge-execution-role
-Memory  | 128 (MB)
-Timeout | 3 sec
+| Key     | Value                          |
+| ------- | ------------------------------ |
+| Runtime | Node.js 10.x                   |
+| Handler | index.handler                  |
+| Role    | aws-lambda-edge-execution-role |
+| Memory  | 128 (MB)                       |
+| Timeout | 3 sec                          |
 
 Next publish a version of the function and copy its
 [Lambda Function ARN](http://docs.aws.amazon.com/lambda/latest/dg/versioning-intro.html).
 
 ### CloudFront configuration
-In the behavior settings of the CloudFront distribution, add a new
-**Lambda Function Association** with the **Event Type** `Origin Response` and
-the **Lambda Function ARN** copied from the function configuration.  
+
+In the behavior settings of the CloudFront distribution, add a new **Lambda
+Function Association** with the **Event Type** `Origin Response` and the
+**Lambda Function ARN** copied from the function configuration.  
 Save your edits and wait until the new settings have been deployed.
 
 ## License
+
 Released under the [MIT license](https://opensource.org/licenses/MIT).
 
 ## Author
+
 [Sebastian Tschan](https://blueimp.net/)