Update readme.md on byo-firehose (#22451)

Add an example module to the readme

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).

terraform/addons/byo-firehose-logging-destination/target-account/.header.md

@@ -6,4 +6,17 @@ The reason we need a local IAM role in your account is so that we can assume rol
 
 The Firehose service is KMS encrypted, so the IAM Role we assume into needs permission to the KMS key that is being used to encrypt the data going into Firehose. Additionally, if the data is being delivered to S3, it will also be encrypted with KMS using the AWS S3 KMS key that is managed by AWS. This is because only customer managed keys can be shared across accounts, and the Firehose delivery stream is actually the one writing to S3.
 
-This code sets up a secure and controlled environment for the Fleet application to perform its necessary actions on the Firehose service within your AWS Account.
+This code sets up a secure and controlled environment for the Fleet application to perform its necessary actions on the Firehose service within your AWS Account.
+
+If you wanted to make changes to the individual files to fit your environment, feel free. However, it's recommended to use a module like the example below for simplicity.
+
+```
+module "firehose_logging" {
+  source = "github.com/fleetdm/fleet//terraform/addons/byo-firehose-logging-destination/target-account"
+  
+  # Variables
+  osquery_logging_destination_bucket_name = {your-desired-bucket-prefix}
+  fleet_iam_role_arn                      = {supplied by Fleet}
+  sts_external_id                         = {if using}
+}
+```

terraform/addons/byo-firehose-logging-destination/target-account/README.md

@@ -8,6 +8,18 @@ The Firehose service is KMS encrypted, so the IAM Role we assume into needs perm
 
 This code sets up a secure and controlled environment for the Fleet application to perform its necessary actions on the Firehose service within your AWS Account.
 
+If you wanted to make changes to the individual files to fit your environment, feel free. However, it's recommended to use a module like the example below for simplicity.
+
+```
+module "firehose_logging" {
+  source = "github.com/fleetdm/fleet//terraform/addons/byo-firehose-logging-destination/target-account"
+  
+  # Variables
+  osquery_logging_destination_bucket_name = {your-desired-bucket-prefix}
+  fleet_iam_role_arn                      = {supplied by Fleet}
+  sts_external_id                         = {if using}
+}
+```
 ## Requirements
 
 | Name | Version |