Specifics about UI perms

doc-Service-Telemetry-Framework/modules/proc_accessing-uis-for-stf-components.adoc

@@ -4,7 +4,18 @@
 [role="_abstract"]
 In {OpenShift}, applications are exposed to the external network through a route. For more information about routes, see https://docs.openshift.com/container-platform/{NextSupportedOpenShiftVersion}/networking/configuring_ingress_cluster_traffic/overview-traffic.html[Configuring ingress cluster traffic].
 
-In {Project} ({ProjectShort}), HTTPS routes are exposed for each service that has a web-based interface. These routes are protected by {OpenShift} RBAC and any user that has read access to the component can log in. For more information about RBAC, see https://docs.openshift.com/container-platform/{NextSupportedOpenShiftVersion}/authentication/using-rbac.html[Using RBAC to define and apply permissions].
+In {Project} ({ProjectShort}), HTTPS routes are exposed for each service that has a web-based interface. These routes are protected by {OpenShift} RBAC and any user that has read access to the component can log in.
+
+Specifically, the following permissions are required in order to access the corresponding component UIs:
+
+[source,json,options="nowrap"]
+----
+{"namespace":"service-telemetry", "resource":"grafana", "group":"integreatly.org", "verb":"get"}
+{"namespace":"service-telemetry", "resource":"prometheus", "group":"monitoring.rhobs", "verb":"get"}
+{"namespace":"service-telemetry", "resource":"alertmanager", "group":"monitoring.rhobs", "verb":"get"}
+----
+
+For more information about RBAC, see https://docs.openshift.com/container-platform/{NextSupportedOpenShiftVersion}/authentication/using-rbac.html[Using RBAC to define and apply permissions].
 
 .Procedure
 

doc-Service-Telemetry-Framework/modules/proc_connecting-an-external-dashboard-system.adoc

@@ -74,4 +74,4 @@ secret "my-prometheus-reader-token" deleted
 
 .Additional information
 
-For more information about service account token secrets, see link:https://docs.openshift.com/container-platform/4.14/nodes/pods/nodes-pods-secrets.html#nodes-pods-secrets-creating-sa_nodes-pods-secrets[Creating a service account token secret] in the _OpenShift Container Platform Documentation_.
+For more information about service account token secrets, see link:https://docs.openshift.com/container-platform/{NextSupportedOpenShiftVersion}/nodes/pods/nodes-pods-secrets.html#nodes-pods-secrets-creating-sa_nodes-pods-secrets[Creating a service account token secret] in the _OpenShift Container Platform Documentation_.

doc-Service-Telemetry-Framework/modules/proc_importing-dashboards.adoc

@@ -73,4 +73,6 @@ grafana-route-service-telemetry.apps.infra.watch
 
 . In a web browser, navigate to https://_<grafana_route_address>_. Replace _<grafana_route_address>_ with the value that you retrieved in the previous step.
 
+. Log in with OpenShift credentials. For more information about logging in, see xref:accessing-uis-for-stf-components_assembly-installing-the-core-components-of-stf[].
+
 . To view the dashboard, click *Dashboards* and *Manage*.