documentation update

Makefile

@@ -1,7 +1,7 @@
 TEST?=$$(go list ./... | grep -v 'vendor')
 GOFMT_FILES?=$$(find . -name '*.go' |grep -v vendor)
 HOSTNAME=fortanix.com
-NAMESPACE=fyoo
+NAMESPACE=fortanix
 NAME=dsm
 BINARY=terraform-provider-${NAME}
 VERSION=0.5.9

docs/index.md

@@ -5,26 +5,106 @@ subcategory: ""
 description: |-
   
 ---
+# Introduction
 
-# dsm Provider
+The DSM Terraform Provider transforms the Fortanix Data Security Manager RESTful API functionality into easy to consume Terraform configurations. The usage of DSM Terraform Provider eliminates the need to understand how to consume raw Fortanix Data Security Manager APIs.
 
+## Prerequisites
 
 
+### Fortanix DSM Setup
 
+The usage of DSM Terraform Provider assumes the following is pre-configured in one's environment:
 
-<!-- schema generated by tfplugindocs -->
-## Schema
+* Up-to-date DSM deployment:
+  * Trial / Test environment maybe provisioned via [sdkms.fortanix.com](https://sdkms.fortanix.com)
+* Production / Test account or tenant has already been provisioned within Fortanix DSM
+  * Username, Password and the Account ID needs to be available during the DSM Terraform Provider initial setup
+  * Account ID maybe found from the UI by going to Settings:
+
+
+### _(Optional) AWS Setup / Permissions_
+
+To COPY local DSM keys to AWS KMS for Bring-Your-Own-Key (BYOK), appropriate permissions must be set. At a minimum, the following permissions must be set at a User or the Role to assume into:
+
+```
+"Action": [
+    "kms:CancelKeyDeletion",
+    "kms:CreateAlias",
+    "kms:CreateGrant",
+    "kms:CreateKey",
+    "kms:DeleteAlias",
+    "kms:DeleteImportedKeyMaterial",
+    "kms:Describe*",
+    "kms:DisableKey",
+    "kms:DisableKeyRotation",
+    "kms:EnableKey",
+    "kms:EnableKeyRotation",
+    "kms:GenerateDataKey",
+    "kms:GenerateDataKeyPair",
+    "kms:GenerateDataKeyPairWithoutPlaintext",
+    "kms:GenerateDataKeyWithoutPlaintext",
+    "kms:GenerateRandom",
+    "kms:Get*",
+    "kms:ImportKeyMaterial"
+    "kms:List*",
+    "kms:PutKeyPolicy",
+    "kms:RetireGrant",
+    "kms:RevokeGrant",
+    "kms:ScheduleKeyDeletion",
+    "kms:Sign",
+    "kms:TagResource",
+    "kms:UntagResource",
+    "kms:UpdateAlias",
+    "kms:Verify"
+]
+```
+
+
+## DSM
+
+Initial setup of the Fortanix DSM Provider to interact using Terraform.
+
+## Usage Reference
+
+```
+terraform {
+  required_providers {
+    dsm = {
+      version = "0.5.9"
+      source = "fortanix/dsm"
+    }
+  }
+}
+
+provider "dsm" {
+    endpoint = <sdkms_api_endpoint>
+    port     = <sdkms_api_port>
+    username = <sdkms_username>
+    password = <sdkms_password>
+    acct_id  = <sdkms_account_id>
+    insecure = <true/false>
+    api_key = <DSM App API key>
+    aws_profile = <AWS access key and secret>
+    aws_region <AWS region>
+    azure_region <Azure region>
+
+}
+```
+
+## Argument Reference
+
+The following arguments are supported in the `dsm` provider block:
+
+* **endpoint**: Cluster IP address
+* _**port (optional)**_: Cluster access port
+* **username**: Login username
+* **password**: Login password
+* **acct\_id**: Account / Tenant ID
+* _**insecure (optional)**_: Disables the SSL of Fortanix DSM
+*	_**api\_key (optional)**_: The API of the app to authenticate to Fortanix DSM 
+*	**aws\_profile**: The AWS Access Key and Secret Access Key for programmatic (API) access to AWS Services
+*	_**aws\_region (optional)**_: The AWS region from which keys should be imported, by default it’s us-east-1 if not specified
+*	_**azure\_region (optional)**_: The regions where Fortanix DSM is supported. The default is us-east if not specified
 
-### Optional
 
-- `acct_id` (String)
-- `api_key` (String, Sensitive)
-- `aws_profile` (String)
-- `aws_region` (String)
-- `azure_region` (String)
-- `endpoint` (String)
-- `insecure` (Boolean)
-- `password` (String, Sensitive)
-- `port` (Number)
-- `timeout` (Number)
-- `username` (String)