update docs (#145)

* update docs

* Apply suggestions from code review

Co-authored-by: annejuan-okta <[email protected]>

* Apply suggestions from code review

Co-authored-by: annejuan-okta <[email protected]>

* additional updates

---------

Co-authored-by: annejuan-okta <[email protected]>

Author: SajanAlexander-okta

docs/index.md

@@ -5,7 +5,9 @@ description: |-
 
 ## oktapam Provider
 
-The Okta PAM Terraform Provider is used to interact with Okta's Advanced Server Access product. This provider supports common ASA use cases such as automating the creation of ASA Projects, obtaining enrollment tokens to enroll servers in ASA Projects as part of server builds, and granting access to ASA servers by assigning ASA Groups to Projects. The provider is intended as a full replacement for the [classic ASA Terraform provider](https://registry.terraform.io/providers/oktadeveloper/oktaasa/1.0.1). Users of the oktaasa Terraform provider are encouraged to migrate to the Okta PAM Terraform Provider.
+The Okta PAM Terraform Provider interacts with the Okta Privileged Access (OPA) product.  This provider supports common OPA use cases such as automating the creation of OPA resource groups and projects, obtaining enrollment tokens to enroll servers in OPA Projects as part of server builds, creating secret folders, and assigning access via OPA security policies.
+
+This provider can also be used for the Advanced Server Access (ASA) product. Not all resources apply to both OPA and ASA.  The provider is intended as a full replacement for the [classic ASA Terraform provider](https://registry.terraform.io/providers/oktadeveloper/oktaasa/1.0.1). Users of the oktaasa Terraform provider are encouraged to migrate to the Okta PAM Terraform provider.
 
 ### Key differences between oktaasa provider and Okta PAM Terraform Provider
 - Project resources now support additional parameters for configuring server access behaviors.
@@ -15,16 +17,15 @@ The Okta PAM Terraform Provider is used to interact with Okta's Advanced Server
 - Adds support for configuring Active Directory connections for supporting AD Joined user authentication.
 - Data sources are now available for AD connections, Gateway Setup and Server Enrollment tokens and Projects/Project Groups.
 
-Additionally, this provider adds support for specific Beta features. Users should not use resources marked as 'Beta' in production environments and before confirming that the Beta feature has been enabled for your ASA team.
+Additionally, this provider adds support for specific Beta features. Users should not use resources marked as 'Beta' in production environments and before confirming that the Beta feature has been enabled for your OPA or ASA team.
 
 ## Authentication
-The Okta PAM Providers requires a Service User account that is granted the 'Admin' role be created. This Service User account will be used by the Provider to authenticate to ASA.
-
+The Okta PAM providers require a service user account that is granted the administrator role(s). The provider uses the service user account to authenticate to OPA or ASA.
 
-1) Follow the [guide](https://help.okta.com/asa/en-us/Content/Topics/Adv_Server_Access/docs/service-users.htm) to create a Service User account with Admin permissions
-- Use your ASA Team name (same team that the service account in step 1 resides in) as the value for the 'oktapam_team' value.
-- Use the Service Account ID for the 'oktapam_key' value
-- Use the Service Account key for the 'oktapam_secret' value.
+1) Follow the [guide](https://help.okta.com/en-us/content/topics/privileged-access/pam-service-users.htm) to create a service user account with administrator permissions.
+- Use your OPA or ASA Team name (the same team that the service account in step 1 resides in) as the value for the 'oktapam_team' value.
+- Use the service account ID for the 'oktapam_key' value.
+- Use the service account key for the 'oktapam_secret' value.
 
 ## Schema
 
@@ -36,4 +37,4 @@ The Okta PAM Providers requires a Service User account that is granted the 'Admi
 
 ### Optional
 
-- `oktapam_api_host` (String) Okta PAM API Host
+- `oktapam_api_host` (String) Okta PAM API Host. Note that this will be required when using an OPA account.

templates/index.md.tmpl

@@ -5,7 +5,9 @@ description: |-
 
 ## {{ .ProviderShortName }} Provider
 
-The Okta PAM Terraform Provider is used to interact with Okta's Advanced Server Access product. This provider supports common ASA use cases such as automating the creation of ASA Projects, obtaining enrollment tokens to enroll servers in ASA Projects as part of server builds, and granting access to ASA servers by assigning ASA Groups to Projects. The provider is intended as a full replacement for the [classic ASA Terraform provider](https://registry.terraform.io/providers/oktadeveloper/oktaasa/1.0.1). Users of the oktaasa Terraform provider are encouraged to migrate to the Okta PAM Terraform Provider.
+The Okta PAM Terraform Provider interacts with the Okta Privileged Access (OPA) product.  This provider supports common OPA use cases such as automating the creation of OPA resource groups and projects, obtaining enrollment tokens to enroll servers in OPA Projects as part of server builds, creating secret folders, and assigning access via OPA security policies.
+
+This provider can also be used for the Advanced Server Access (ASA) product. Not all resources apply to both OPA and ASA.  The provider is intended as a full replacement for the [classic ASA Terraform provider](https://registry.terraform.io/providers/oktadeveloper/oktaasa/1.0.1). Users of the oktaasa Terraform provider are encouraged to migrate to the Okta PAM Terraform provider.
 
 ### Key differences between oktaasa provider and Okta PAM Terraform Provider
 - Project resources now support additional parameters for configuring server access behaviors.
@@ -15,16 +17,15 @@ The Okta PAM Terraform Provider is used to interact with Okta's Advanced Server
 - Adds support for configuring Active Directory connections for supporting AD Joined user authentication.
 - Data sources are now available for AD connections, Gateway Setup and Server Enrollment tokens and Projects/Project Groups.
 
-Additionally, this provider adds support for specific Beta features. Users should not use resources marked as 'Beta' in production environments and before confirming that the Beta feature has been enabled for your ASA team.
+Additionally, this provider adds support for specific Beta features. Users should not use resources marked as 'Beta' in production environments and before confirming that the Beta feature has been enabled for your OPA or ASA team.
 
 ## Authentication
-The Okta PAM Providers requires a Service User account that is granted the 'Admin' role be created. This Service User account will be used by the Provider to authenticate to ASA.
-
+The Okta PAM providers require a service user account that is granted the administrator role(s). The provider uses the service user account to authenticate to OPA or ASA.
 
-1) Follow the [guide](https://help.okta.com/asa/en-us/Content/Topics/Adv_Server_Access/docs/service-users.htm) to create a Service User account with Admin permissions
-- Use your ASA Team name (same team that the service account in step 1 resides in) as the value for the 'oktapam_team' value.
-- Use the Service Account ID for the 'oktapam_key' value
-- Use the Service Account key for the 'oktapam_secret' value.
+1) Follow the [guide](https://help.okta.com/en-us/content/topics/privileged-access/pam-service-users.htm) to create a service user account with administrator permissions.
+- Use your OPA or ASA Team name (the same team that the service account in step 1 resides in) as the value for the 'oktapam_team' value.
+- Use the service account ID for the 'oktapam_key' value.
+- Use the service account key for the 'oktapam_secret' value.
 
 ## Schema
 
@@ -36,4 +37,4 @@ The Okta PAM Providers requires a Service User account that is granted the 'Admi
 
 ### Optional
 
-- `oktapam_api_host` (String) Okta PAM API Host
+- `oktapam_api_host` (String) Okta PAM API Host. Note that this will be required when using an OPA account.