diff --git a/examples/cis/outputs.tf b/examples/cis/outputs.tf
index 48afb35..6af23d7 100644
--- a/examples/cis/outputs.tf
+++ b/examples/cis/outputs.tf
@@ -1,5 +1,6 @@
 output "enabled_rules" {
-  value = module.cis_rules.rules
+  value       = module.cis_rules.rules
+  description = "The output of the enabled CIS rules"
 }
 
 output "config_recorder_id" {
diff --git a/main.tf b/main.tf
index 00f617c..03c7513 100644
--- a/main.tf
+++ b/main.tf
@@ -55,7 +55,7 @@ resource "aws_config_configuration_recorder_status" "recorder_status" {
 }
 
 resource "aws_config_config_rule" "rules" {
-  for_each   = module.this.enabled ? var.managed_rules : {}
+  for_each   = module.this.enabled ? { for k, v in var.managed_rules : k => v if v.enabled } : {}
   depends_on = [aws_config_configuration_recorder_status.recorder_status]
 
   name        = each.key
diff --git a/modules/cis-1-2-rules/outputs.tf b/modules/cis-1-2-rules/outputs.tf
index 68df24a..a25fa9e 100644
--- a/modules/cis-1-2-rules/outputs.tf
+++ b/modules/cis-1-2-rules/outputs.tf
@@ -1,3 +1,4 @@
 output "rules" {
-  value = local.enabled_rules
+  value       = local.enabled_rules
+  description = "Enabled rules"
 }
diff --git a/modules/cis-1-2-rules/versions.tf b/modules/cis-1-2-rules/versions.tf
new file mode 100644
index 0000000..5acf068
--- /dev/null
+++ b/modules/cis-1-2-rules/versions.tf
@@ -0,0 +1,15 @@
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 5.0"
+    }
+
+    http = {
+      source  = "hashicorp/http"
+      version = ">= 3.4.1"
+    }
+  }
+}
diff --git a/modules/conformance-pack/outputs.tf b/modules/conformance-pack/outputs.tf
index 4826c7f..4332d63 100644
--- a/modules/conformance-pack/outputs.tf
+++ b/modules/conformance-pack/outputs.tf
@@ -1,3 +1,4 @@
 output "arn" {
-  value = aws_config_conformance_pack.default.arn
+  value       = aws_config_conformance_pack.default.arn
+  description = "ARN of the conformance pack"
 }