Merge pull request openshift#80359 from openshift-cherrypick-robot/cherry-pick-78162-to-logging-docs-6.0

kalexand-rh · web-flow · commit dba0c02ec346 · 2024-08-12T14:06:55.000-04:00
[logging-docs-6.0] OSDOCS-10601: Updates to Custom admin group access for netobserv
diff --git a/modules/logging-loki-log-access.adoc b/modules/logging-loki-log-access.adoc
@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * network_observability/installing-operators.adoc
+// * observability/network_observability/installing-operators.adoc
 // * logging/cluster-logging-loki.adoc
 
 :_mod-docs-content-type: CONCEPT
@@ -77,16 +77,36 @@ subjects:
 [id="custom-admin-group-access_{context}"]
 == Custom admin group access
 
-If you have a large deployment with a number of users who require broader permissions, you can create a custom group using the `adminGroup` field. Users who are members of any group specified in the `adminGroups` field of the `LokiStack` CR are considered admins. Admin users have access to all application logs in all namespaces, if they also get assigned the `cluster-logging-application-view` role.
+// tag::LokiMode[]
+If you have a large deployment with several users who require broader permissions, you can create a custom group using the `adminGroup` field. Users who are members of any group specified in the `adminGroups` field of the `LokiStack` CR are considered administrators. 
+// end::LokiMode[]
+
+// tag::NetObservMode[]
+If you need to see cluster-wide logs without necessarily being an administrator, or if you already have any group defined that you want to use here, you can specify a custom group using the `adminGroup` field. Users who are members of any group specified in the `adminGroups` field of the `LokiStack` custom resource (CR) have the same read access to logs as administrators. 
+// end::NetObservMode[]
+
+// tag::LokiMode[] 
+Administrator users have access to all application logs in all namespaces, if they also get assigned the `cluster-logging-application-view` role.
+// end::LokiMode[]
+
+// tag::NetObservMode[]
+Administrator users have access to all network logs across the cluster.
+// end::NetObservMode[]
 
 .Example `LokiStack` CR
 [source,yaml]
 ----
 apiVersion: loki.grafana.com/v1
 kind: LokiStack
 metadata:
+# tag::LokiMode[]
   name: logging-loki
   namespace: openshift-logging
+# end::LokiMode[]
+# tag::NetObservMode[]
+  name: loki
+  namespace: netobserv
+# end::NetObservMode[]
 spec:
   tenants:
 # tag::LokiMode[]
