diff --git a/.circleci/config.yml b/.circleci/config.yml
deleted file mode 100644
index 713d362..0000000
--- a/.circleci/config.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-jobs:
-  validate:
-    docker:
-    - auth:
-        password: $DOCKER_PASSWORD
-        username: $DOCKER_USERNAME
-      image: trussworks/circleci:29ab89fdada1f85c5d8fb685a2c71660f0c5f60c
-    steps:
-    - checkout
-    - restore_cache:
-        keys:
-        - pre-commit-dot-cache-{{ checksum ".pre-commit-config.yaml" }}
-    - run:
-        command: pre-commit run --all-files
-        name: Run pre-commit tests
-    - save_cache:
-        key: pre-commit-dot-cache-{{ checksum ".pre-commit-config.yaml" }}
-        paths:
-        - ~/.cache/pre-commit
-version: 2.1
-workflows:
-  validate:
-    jobs:
-    - validate:
-        context:
-        - org-global
-  version: 2.1
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
new file mode 100644
index 0000000..fac0b59
--- /dev/null
+++ b/.github/workflows/validate.yml
@@ -0,0 +1,13 @@
+name: validate
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  validate:
+    uses: trussworks/shared-actions/.github/workflows/validate.yml@main
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index e5d2547..3818b55 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -17,7 +17,7 @@ repos:
       - id: markdownlint
 
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.45.0
+    rev: v1.75.0
     hooks:
       - id: terraform_docs
       - id: terraform_fmt
diff --git a/README.md b/README.md
index fb6a491..acfe476 100644
--- a/README.md
+++ b/README.md
@@ -38,33 +38,53 @@ module "rds-snapshot-cleaner" {
 
 | Name | Version |
 |------|---------|
-| terraform | >= 0.13.0 |
-| aws | >= 3.0 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| aws | >= 3.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_cloudwatch_event_rule.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |
+| [aws_cloudwatch_event_target.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |
+| [aws_cloudwatch_log_group.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
+| [aws_iam_role.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
+| [aws_lambda_function.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
+| [aws_lambda_permission.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
+| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| cleaner\_db\_instance\_identifier | The RDS database instance identifier. | `string` | n/a | yes |
-| cleaner\_dry\_run | Don't make any changes and log what would have happened. | `string` | n/a | yes |
-| cleaner\_max\_db\_snapshot\_count | The maximum number of manual snapshots allowed. This takes precedence over -retention-days. | `string` | `""` | no |
-| cleaner\_retention\_days | The maximum retention age in days. | `string` | n/a | yes |
-| cloudwatch\_kms\_key\_arn | ARN of the Cloudwatch KMS key used for encrypting Cloudwatch log groups. | `string` | `""` | no |
-| cloudwatch\_logs\_retention\_days | Number of days to keep logs in AWS CloudWatch. | `string` | `90` | no |
-| environment | Environment tag, e.g prod. | `any` | n/a | yes |
-| interval\_minutes | How often to run the Lambda function in minutes. | `string` | `5` | no |
-| kms\_key\_arn | ARN of the KMS key used for encrypting environment variables. | `string` | `""` | no |
-| s3\_bucket | The name of the S3 bucket used to store the Lambda builds. | `string` | n/a | yes |
-| version\_to\_deploy | The version the Lambda function to deploy. | `string` | n/a | yes |
+| <a name="input_cleaner_db_instance_identifier"></a> [cleaner\_db\_instance\_identifier](#input\_cleaner\_db\_instance\_identifier) | The RDS database instance identifier. | `string` | n/a | yes |
+| <a name="input_cleaner_dry_run"></a> [cleaner\_dry\_run](#input\_cleaner\_dry\_run) | Don't make any changes and log what would have happened. | `string` | n/a | yes |
+| <a name="input_cleaner_max_db_snapshot_count"></a> [cleaner\_max\_db\_snapshot\_count](#input\_cleaner\_max\_db\_snapshot\_count) | The maximum number of manual snapshots allowed. This takes precedence over -retention-days. | `string` | `""` | no |
+| <a name="input_cleaner_retention_days"></a> [cleaner\_retention\_days](#input\_cleaner\_retention\_days) | The maximum retention age in days. | `string` | n/a | yes |
+| <a name="input_cloudwatch_kms_key_arn"></a> [cloudwatch\_kms\_key\_arn](#input\_cloudwatch\_kms\_key\_arn) | ARN of the Cloudwatch KMS key used for encrypting Cloudwatch log groups. | `string` | `""` | no |
+| <a name="input_cloudwatch_logs_retention_days"></a> [cloudwatch\_logs\_retention\_days](#input\_cloudwatch\_logs\_retention\_days) | Number of days to keep logs in AWS CloudWatch. | `string` | `90` | no |
+| <a name="input_environment"></a> [environment](#input\_environment) | Environment tag, e.g prod. | `any` | n/a | yes |
+| <a name="input_interval_minutes"></a> [interval\_minutes](#input\_interval\_minutes) | How often to run the Lambda function in minutes. | `string` | `5` | no |
+| <a name="input_kms_key_arn"></a> [kms\_key\_arn](#input\_kms\_key\_arn) | ARN of the KMS key used for encrypting environment variables. | `string` | `""` | no |
+| <a name="input_s3_bucket"></a> [s3\_bucket](#input\_s3\_bucket) | The name of the S3 bucket used to store the Lambda builds. | `string` | n/a | yes |
+| <a name="input_version_to_deploy"></a> [version\_to\_deploy](#input\_version\_to\_deploy) | The version the Lambda function to deploy. | `string` | n/a | yes |
 
 ## Outputs
 
-No output.
-
+No outputs.
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
\ No newline at end of file