VAULT-35642: Adding comments for Enos premade aws role and policy (#30731)

* adding comments for premade aws role and policy

* fixing comments

enos/modules/verify_secrets_engines/modules/create/aws/aws.tf

@@ -76,11 +76,16 @@ data "aws_caller_identity" "current" {}
 
 data "aws_region" "current" {}
 
-# Using Pre-made policy and role
+# The "DemoUser" policy is a predefined policy created by the security team.
+# This policy grants the necessary AWS permissions required for role generation via Vault.
+# Reference: https://github.com/hashicorp/honeybee-templates/blob/main/templates/iam_policy/DemoUser.yaml
 data "aws_iam_policy" "premade_demo_user_policy" {
   name = "DemoUser"
 }
 
+# This role was provisioned by the security team using the repository referenced below.
+# This role includes the necessary policies to enable AWS credential generation and rotation via Vault.
+# Reference: https://github.com/hashicorp/honeybee-templates/blob/main/templates/iam_role/vault-assumed-role-credentials-demo.yaml
 data "aws_iam_role" "premade_demo_assumed_role" {
   name = "vault-assumed-role-credentials-demo"
 }

enos/modules/verify_secrets_engines/modules/read/aws/aws.tf

@@ -42,7 +42,7 @@ variable "verify_aws_engine_creds" {
   type = bool
 }
 
-# Verify PKI Certificate
+# Verify AWS Engine
 resource "enos_remote_exec" "aws_verify_new_creds" {
   for_each = var.hosts