docs WIP

boxyhq · dcosta72 · Sep 12, 2022 · Sep 13, 2022 · Sep 14, 2022 · Sep 14, 2022
commit f0a30b5d5083c984fd44724977a0f2aea722bcc6
diff --git a/docs/terminus/architecture/index.md b/docs/terminus/architecture/index.md
@@ -1,6 +1,27 @@
 # Architecture
 
-Block diagrams, parts. Configurations. Go lang, cue, blockly.
+Terminus can be generally represented as the following:
 
 ![General Diagran](./general.png)
 ---------------
+
+Terminus is by design, a multicomponent decupled systems where data is protected from each of the components. Nothing travels in the clear unless explicitly set, thus enabling the implementation of the most stringent data privacy and data segregation policies. The data stored in the vault is encrypted as specified in the proxy and has no visibility on it
+
+From an architectural point of view, Terminus is made of the following components having the following responsibilities:
+
+- [Proxy Service](./proxy):
+    - Exposes a public facing API for storage and retrieval of data
+    - Via no code UI, allows the setup and configuration of the business data models to be encrypted and masked
+    - Implements the access control policies (ACP), including authentication, authorisation, role mapping and granular access
+    - Performs the relevant encryption/decryption/masking operations
+    - Interacts with external KMSs enabling BYOK models
+
+- [Vault Service](./vaultservice):
+    - Exposes a primitive private API for the proxy to store and retrieve data
+    - Enables an additional layer of encryption. Anything that travels to the vault, beyhond the business encryption policies gets encrypted at the vault level
+    - It has no knowledge or understanding of business models, treating the incoming and outgoing data completely transparently
+
+- [Persistence vault](./vault)
+    - Stores and retrieves data
+    - Has no knowledge of whatever payloads are stored internally
+
diff --git a/docs/terminus/architecture/proxy.md b/docs/terminus/architecture/proxy.md
@@ -0,0 +1 @@
+# Proxy Service
diff --git a/docs/terminus/architecture/vault.md b/docs/terminus/architecture/vault.md
@@ -0,0 +1 @@
+# Persistence Vault
diff --git a/docs/terminus/architecture/vaultservice.md b/docs/terminus/architecture/vaultservice.md
@@ -0,0 +1 @@
+# Vault Service
diff --git a/sidebars.js b/sidebars.js
@@ -88,6 +88,24 @@ module.exports = {
           label: 'Architecture',
           link: { type: 'doc', id: 'terminus/architecture/index' },
           items: [
+            {
+              type: 'category',
+              label: 'Proxy Service',
+              link: { type: 'doc', id: 'terminus/architecture/proxy' },
+              items: [],
+            },
+            {
+              type: 'category',
+              label: 'Vault Service',
+              link: { type: 'doc', id: 'terminus/architecture/vaultservice' },
+              items: [],
+            },
+            {
+              type: 'category',
+              label: 'Persistent Vault',
+              link: { type: 'doc', id: 'terminus/architecture/vault' },
+              items: [],
+            },
             {
               type: 'category',
               label: 'Encryption',