Added documentation for aws ps push secret

Signed-off-by: Marcus Dantas <marcus.dantas@engineerbetter.com>
Co-authored-by: Nick Ruffles <nick.ruffles@engineerbetter.com>
Marcus Dantas 3 years ago
parent
commit
a283d7b14a

+ 44 - 4
docs/provider/aws-parameter-store.md

@@ -29,9 +29,11 @@ Create a IAM Policy to pin down access to secrets matching `dev-*`, for further
     {
       "Effect": "Allow",
       "Action": [
-        "ssm:GetParameter*"
+        "ssm:GetParameterWithContext",
+        "ssm:ListTagsForResourceWithContext",
+        "ssm:DescribeParametersWithContext",
       ],
-      "Resource": "arn:aws:ssm:us-east-2:123456789012:parameter/dev-*"
+      "Resource": "arn:aws:ssm:us-east-2:1234567889911:parameter/dev-*"
     }
   ]
 }
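Review bot: the three added `Action` entries are AWS SDK for Go method names rather than IAM actions, and the trailing comma after `"ssm:DescribeParametersWithContext",` makes the policy invalid JSON. IAM action names carry no `WithContext` suffix, so list `ssm:GetParameter`, `ssm:ListTagsForResource` and `ssm:DescribeParameters` and drop the final comma. The new `Resource` ARN uses a 13-digit account ID (`1234567889911`); AWS account IDs are 12 digits, so the previous placeholder was the well-formed one. Because this commit documents pushing, the policy section should also state which write action the push path needs (such as `ssm:PutParameter`), since every action listed here is read-only.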
@@ -71,16 +73,54 @@ spec:
       property: friends.1.first # Roger
 
 ```
+### Parameter Versions
 
-## Push Secret
+ParameterStore creates a new version of a parameter every time it is updated with a new value. The parameter can be referenced via the `version` property
+
+## SetSecret
+
+The SetSecret method for the Parameter Store allows the user to set the value stored within the Kubernetes cluster to the remote AWS Parameter Store.
 
 ### Creating a Push Secret
 
-#### Add push secret
+```yaml
+{% include "full-pushsecret.yaml" %}
+```
 
 #### Check successful secret sync
 
+To be able to check that the secret has been succesfully synced you can run the following command:
+
+```bash
+kubectl get pushsecret pushsecret-example
+```
+
+If the secret has synced successfully it will show the status as "Synced".
+
 #### Test new secret using AWS CLI
 
+To View your parameter on AWS Parameter Store using the AWS CLI, install and login to the AWS CLI using the following guide: [AWS CLI](https://aws.amazon.com/cli/).
+
+Run the following commands to get your synchronized parameter from AWS Parameter Store:
+
+```bash
+aws ssm get-parameter --name=my-first-parameter --region=us-east-1
+```
+
+You should see something similar to the following output:
+
+```json
+{
+    "Parameter": {
+        "Name": "my-first-parameter",
+        "Type": "String",
+        "Value": "charmander",
+        "Version": 4,
+        "LastModifiedDate": "2022-09-15T13:04:31.098000-03:00",
+        "ARN": "arn:aws:ssm:us-east-1:1234567890123:parameter/my-first-parameter",
+        "DataType": "text"
+    }
+}
+```
 
 --8<-- "snippets/provider-aws-access.md"
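Review bot: the sample `get-parameter` output shows the pushed secret as `"Type": "String"` with `"Value": "charmander"` readable in the response, and the new text never says which parameter type a push creates. State that explicitly, so readers know whether a pushed Kubernetes secret ends up as a `String` or a `SecureString`. The example also reads from `--region=us-east-1` and prints an ARN with a 13-digit account ID, while the policy earlier in this file targets `us-east-2`; align the region and use a 12-digit placeholder. Smaller points: "succesfully" should be "successfully", the Parameter Versions sentence lacks its final period and gives no example of the `version` property, and the section is renamed to `## SetSecret` while its subheading still reads `### Creating a Push Secret`.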

+ 3 - 3
docs/snippets/full-pushsecret.yaml

@@ -1,7 +1,7 @@
 apiVersion: external-secrets.io/v1alpha1
 kind: PushSecret
 metadata:
-  name: pushsecret-example
+  name: pushsecret-example # Customisable
   namespace: default # Same of the SecretStores
 spec:
   refreshInterval: 10s # Refresh interval for which push secret will reconcile
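Review bot: the `# Customisable` comment on `name: pushsecret-example` does not tell the reader that the sync check added in aws-parameter-store.md hardcodes this name (`kubectl get pushsecret pushsecret-example`). Say in the comment or in the docs that the name passed to `kubectl get pushsecret` must match the one set here.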
@@ -10,9 +10,9 @@ spec:
       kind: SecretStore
   selector:
     secret:
-      name: pokedex-credentials # Source secret to be pushed
+      name: pokedex-credentials # Source Kubernetes secret to be pushed
   data:
     - match:
-        secretKey: best-pokemon # Source secret key to be pushed
+        secretKey: best-pokemon # Source Kubernetes secret key to be pushed
         remoteRefs:
           - remoteKey: my-first-parameter # Remote reference (where the secret is going to be pushed)
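Review bot: `remoteKey: my-first-parameter` (unchanged context in this hunk) does not match the `parameter/dev-*` resource pattern that the IAM policy in aws-parameter-store.md pins access to, so a reader who applies that policy and this manifest together has no permission covering the pushed parameter. Either rename the example key to something under `dev-` or note next to the manifest that the policy's `Resource` must cover the remote key.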