diff --git a/modules/aws/event_bridge/event_bridge_rule/README.md b/modules/aws/event_bridge/event_bridge_rule/README.md
new file mode 100644
index 0000000..63a4a08
--- /dev/null
+++ b/modules/aws/event_bridge/event_bridge_rule/README.md
@@ -0,0 +1,65 @@
+
+# Terraform Module - Event Bridge Rule
+
+A terraform module that creates an EventBridge rule which listens for matched security-hub events and forward them to the event-bus in another account.
+If a matching pattern is found (based on ["aws.securityhub"]), then the event will be forwarded to the given target.
+
+A good use-case for this module is to selectively forward security-hub findings to an event-bus in LogArchive Account wheree it will be further sent to Kinesis Firehose stream for onward ingestion into Splunk.
+
+ Example usage: terragrunt.hcl
+
+ ```hcl
+ inputs = {
+ create_event_bus = false
+ event_bus_name = "default"
+ event_rule_name = "CoreCloudForwardSecurityHubToLogArchive"
+ event_rule_description = "Forward Security Hub findings from Audit to Log Archive"
+ event_sources = ["aws.securityhub"]
+ target_arn = "arn:aws:events:eu-west-2:968840656855:event-bus/cc-firehose-splunk" # event-bus as target
+ role_name = "CoreCloudEventBridgeForwarderRole"
+ role_actions = ["events:PutEvents"]
+ }
+ ```
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_cloudwatch_event_bus.custom_event_bus](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_bus) | resource |
+| [aws_cloudwatch_event_rule.event_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |
+| [aws_cloudwatch_event_target.event_target](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |
+| [aws_iam_role.eventbridge_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy.eventbridge_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [create\_event\_bus](#input\_create\_event\_bus) | whether to create event-bus or not: true or false | `bool` | n/a | yes |
+| [event\_bus\_name](#input\_event\_bus\_name) | Event bus name where rule is created | `string` | n/a | yes |
+| [event\_rule\_description](#input\_event\_rule\_description) | Description of the EventBridge rule | `string` | n/a | yes |
+| [event\_rule\_name](#input\_event\_rule\_name) | Name of the EventBridge rule | `string` | n/a | yes |
+| [event\_sources](#input\_event\_sources) | Event sources to match in the event pattern | `list(string)` | n/a | yes |
+| [role\_actions](#input\_role\_actions) | List of actions the IAM Role should allow | `list(string)` | n/a | yes |
+| [role\_name](#input\_role\_name) | IAM Role name for EventBridge | `string` | n/a | yes |
+| [target\_arn](#input\_target\_arn) | ARN of the target for the event rule | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [event\_bus\_arn](#output\_event\_bus\_arn) | ARN of the created EventBridge Event-Bus |
+| [event\_rule\_arn](#output\_event\_rule\_arn) | ARN of the created EventBridge rule |
+| [event\_target\_arn](#output\_event\_target\_arn) | ARN of the EventBridge target |
+| [iam\_role\_arn](#output\_iam\_role\_arn) | ARN of the IAM role used by EventBridge |
+
\ No newline at end of file