diff --git a/docs/spicedb-dedicated/audit-logging.md b/docs/spicedb-dedicated/audit-logging.md
index f1059f1..ba6dc55 100644
--- a/docs/spicedb-dedicated/audit-logging.md
+++ b/docs/spicedb-dedicated/audit-logging.md
@@ -10,7 +10,7 @@ Audit Logging allows you to capture a log of all API calls made to SpiceDB, and
When enabled and properly configured, SpiceDB Enterprise will asynchronously log every API call made to it and emit a stream to your preferred log sink. The logs contain full details related to a request, including a hash of the API token, RPC, payload, request IP, response and any possible errors.
-For assistance in configuring Audit Logging please [contact us](/contact-us) or reach out to your dedicated account team.
+For assistance in configuring Audit Logging please [contact us](https://authzed.com/contact-us) or reach out to your dedicated account team.
## Supported Log Sink Types
@@ -20,4 +20,4 @@ Currently supported log sink types:
- Kinesis
- Firehose
-If you'd like to see additional log sinks please [contact us](/contact-us).
+If you'd like to see additional log sinks please [contact us](https://authzed.com/contact-us).
diff --git a/docs/spicedb-dedicated/dedicated-configuration.md b/docs/spicedb-dedicated/dedicated-configuration.md
new file mode 100644
index 0000000..69bb274
--- /dev/null
+++ b/docs/spicedb-dedicated/dedicated-configuration.md
@@ -0,0 +1,56 @@
+# SpiceDB Dedicated Configuration
+
+This guide provides information about the configuration options available to you when deploying a SpiceDB Dedicated Permissions System.
+
+## Configuration Options
+
+### Permissions System Type
+
+![permissions system type]({require("/img/ps-type.png").default})
+
+Please select the choice (Production or Development) that is appropriate for the Permissions System you are deploying. This choice will not effect the performance or security of your Permissions System, but may impact your Permissions System in the future, so please choose appropriately.
+
+### Datastore
+
+![datastore configuration]({require("/img/datastore-config-v2.png").default})
+
+Your SpiceDB Dedicated environment can be provisioned with multiple isolated [datastores](/spicedb/selecting-a-datastore.md). If you have more than one, choose the datastore that is appropriate for the Permissions System you are deploying.
+
+### Update Channel
+
+![channels config]({require("/img/channels-config.png").default})
+
+SpiceDB Dedicated has two update channels: `rapid` and `regular` . You can select the update channel when you launch the Permissions System or in the settings page after you’ve launched it.
+
+`rapid` - gets every release that is not a release candidate.
+
+`regular` - trails behind `rapid` by at least one release.
+
+After you’ve deployed your Permissions System, you can choose to keep up to date with a channel automatically, or you can “pin” to a version by un-checking the automatic updates box. If you uncheck the automatic release box, you’ll still be able to update, but will have to pick the next version manually.
+
+![update box]({require("/img/update_box_v2.png").default})
+
+### Rollout Strategy
+
+![rollout strategy]({require("/img/rollout-strategy.png").default})
+
+There are two rollout strategies: `rolling update` and `immediate`.
+
+- `rolling update` is a zero downtime strategy for upgrading to a new version. This is recommended for prod Permissions Systems.
+- `immediate` involves downtime, but is faster than `rolling update`.
+
+### Define Cluster(s)
+
+![define clusters]({require("/img/define-clusters-v2.png").default})
+
+#### Single region deployment
+
+If you are deploying a single region Permissions System, define a single cluster.
+
+#### Multi-region deployment
+
+Define a cluster for every region you want to deploy into.
+
+#### Cluster Class
+
+For production clusters, we recommend selecting the Cluster Class with the largest number of replicas and processing units. For non-production clusters, you can select whatever Cluster Class is appropriate for your workload. If you have questions about your overall utilization or would like to provision a custom Cluster Class, please [reach out to your AuthZed account team](https://authzed.com/call).
diff --git a/docs/spicedb-dedicated/dedicated-isolation.md b/docs/spicedb-dedicated/dedicated-isolation.md
new file mode 100644
index 0000000..128d55d
--- /dev/null
+++ b/docs/spicedb-dedicated/dedicated-isolation.md
@@ -0,0 +1,11 @@
+# SpiceDB Dedicated Isolation
+
+SpiceDB Dedicated isolates your workloads from other customers. Cloud accounts, compute resources, databases, and networking are all dedicated to you.
+
+Additionally, SpiceDB Dedicated allows you to deploy multiple isolated Permissions Systems into a single SpiceDB Dedicated environment. Each Permissions System has it’s own schema and set of relationships. Also, these Permissions Systems impose memory and CPU limits so one Permissions System can’t crowd out another Permissions System.
+
+By default, API tokens are scoped to a particular Permissions System. [Fine Grained Access Management (FGAM)](/spicedb-dedicated/fgam.md) can take this further by restricting API tokens to specified APIs, object types, or object IDs.
+
+The below diagram gives an overview of the SpiceDB Dedicated isolation model.
+
+![dedicated isolation model]({require("/img/dedicated_isolation_v3.png").default})
diff --git a/docs/spicedb-dedicated/overview.md b/docs/spicedb-dedicated/overview.md
index e710d0b..95a705f 100644
--- a/docs/spicedb-dedicated/overview.md
+++ b/docs/spicedb-dedicated/overview.md
@@ -20,7 +20,7 @@ Please [schedule a call](https://authzed.com/call) to learn more.
## How is SpiceDB Dedicated deployed?
-AuthZed provisions and manages an environment for you in a private account within our cloud provider organization. It comes with everything needed to run single and multi-region SpiceDB Permissions Systems in a cloud of your choice. We support AWS and GCP today, with Azure support coming. All resources are fully isolated and dedicated to you.
+AuthZed provisions and manages an environment for you in a private account within our cloud provider organization. It comes with everything needed to run single and multi-region SpiceDB Permissions Systems in a cloud of your choice. We support AWS and GCP today, with Azure support coming. [All resources are fully isolated and dedicated to you.](/spicedb-dedicated/dedicated-isolation.md)
## Pricing
diff --git a/sidebars.js b/sidebars.js
index 666d624..e99243b 100644
--- a/sidebars.js
+++ b/sidebars.js
@@ -59,6 +59,8 @@ module.exports = {
'spicedb-dedicated/overview',
'spicedb-dedicated/fgam',
'spicedb-dedicated/audit-logging',
+ 'spicedb-dedicated/dedicated-configuration',
+ 'spicedb-dedicated/dedicated-isolation',
{
type: 'category',
label: 'Networking',
diff --git a/static/img/channels-config.png b/static/img/channels-config.png
new file mode 100644
index 0000000..3237e6d
Binary files /dev/null and b/static/img/channels-config.png differ
diff --git a/static/img/datastore-config-v2.png b/static/img/datastore-config-v2.png
new file mode 100644
index 0000000..b104a29
Binary files /dev/null and b/static/img/datastore-config-v2.png differ
diff --git a/static/img/dedicated_isolation_v3.png b/static/img/dedicated_isolation_v3.png
new file mode 100644
index 0000000..ac8c115
Binary files /dev/null and b/static/img/dedicated_isolation_v3.png differ
diff --git a/static/img/define-clusters-v2.png b/static/img/define-clusters-v2.png
new file mode 100644
index 0000000..e6c9f4a
Binary files /dev/null and b/static/img/define-clusters-v2.png differ
diff --git a/static/img/ps-type.png b/static/img/ps-type.png
new file mode 100644
index 0000000..f4f8c6d
Binary files /dev/null and b/static/img/ps-type.png differ
diff --git a/static/img/rollout-strategy.png b/static/img/rollout-strategy.png
new file mode 100644
index 0000000..b9c5f9d
Binary files /dev/null and b/static/img/rollout-strategy.png differ
diff --git a/static/img/update_box_v2.png b/static/img/update_box_v2.png
new file mode 100644
index 0000000..fd022f9
Binary files /dev/null and b/static/img/update_box_v2.png differ