diff --git a/modules/network-observability-multitenancy.adoc b/modules/network-observability-multitenancy.adoc index eebd146c77d2..a6530996a49a 100644 --- a/modules/network-observability-multitenancy.adoc +++ b/modules/network-observability-multitenancy.adoc @@ -5,7 +5,7 @@ :_mod-docs-content-type: PROCEDURE [id="network-observability-multi-tenancy_{context}"] = Enabling multi-tenancy in Network Observability -Multi-tenancy in the Network Observability Operator allows and restricts individual user access, or group access, to the flows stored in Loki and or Prometheus. Access is enabled for project administrators. Project administrators who have limited access to some namespaces can access flows for only those namespaces. +Multi-tenancy in the Network Observability Operator allows and restricts individual user access, or group access, to the flows stored in Loki and or Prometheus. Access is enabled for project administrators. Project administrators who have limited access to some namespaces can access flows for only those namespaces. For Developers, multi-tenancy is available for both Loki and Prometheus but requires different access rights. @@ -15,11 +15,11 @@ For Developers, multi-tenancy is available for both Loki and Prometheus but requ .Procedure -* For per-tenant access, you must have the `netobserv-reader` cluster role and the `netobserv-metrics-reader` namespace role to use the developer perspective. Run the following commands for this level of access: +* For per-tenant access, you must have the `netobserv-loki-reader` cluster role and the `netobserv-metrics-reader` namespace role to use the developer perspective. Run the following commands for this level of access: + [source,terminal] ---- -$ oc adm policy add-cluster-role-to-user netobserv-reader +$ oc adm policy add-cluster-role-to-user netobserv-loki-reader ---- + [source,terminal] @@ -27,11 +27,11 @@ $ oc adm policy add-cluster-role-to-user netobserv-reader $ oc adm policy add-role-to-user netobserv-metrics-reader -n ---- -* For cluster-wide access, non-cluster-administrators must have the `netobserv-reader`, `cluster-monitoring-view`, and `netobserv-metrics-reader` cluster roles. In this scenario, you can use either the admin perspective or the developer perspective. Run the following commands for this level of access: +* For cluster-wide access, non-cluster-administrators must have the `netobserv-loki-reader`, `cluster-monitoring-view`, and `netobserv-metrics-reader` cluster roles. In this scenario, you can use either the admin perspective or the developer perspective. Run the following commands for this level of access: + [source,terminal] ---- -$ oc adm policy add-cluster-role-to-user netobserv-reader +$ oc adm policy add-cluster-role-to-user netobserv-loki-reader ---- + [source,terminal]