From ef8a6f0fe60d0df9d5f0fd244f0c30c953ea5afb Mon Sep 17 00:00:00 2001
From: Long Vu <vu.long@ouranos.ca>
Date: Tue, 22 Aug 2023 23:52:52 -0400
Subject: [PATCH] monitoring: update documentation and changelog for new
 monitoring group

---
 CHANGES.md                      | 8 +++++++-
 birdhouse/components/README.rst | 8 ++++----
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index d8b8dc6f2..8c5567430 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -15,7 +15,13 @@
 [Unreleased](https://github.com/bird-house/birdhouse-deploy/tree/master) (latest)
 ------------------------------------------------------------------------------------------------------------------
 
-[//]: # (list changes here, using '-' for each new entry, remove this when items are added)
+## Changes
+
+- Monitoring: allow access to magpie members of group monitoring
+
+  To allow accessing the various monitoring WebUI without having full blown
+  magpie admin priviledge to add and remove users.
+
 
 [1.29.1](https://github.com/bird-house/birdhouse-deploy/tree/1.29.1) (2023-08-15)
 ------------------------------------------------------------------------------------------------------------------
diff --git a/birdhouse/components/README.rst b/birdhouse/components/README.rst
index 76e025024..7f703d57d 100644
--- a/birdhouse/components/README.rst
+++ b/birdhouse/components/README.rst
@@ -298,10 +298,10 @@ Usage
 - Prometheus alert rules: https://PAVICS_FQDN/prometheus/rules
 - AlertManager to manage alerts: https://PAVICS_FQDN/alertmanager
 
-The paths above are by default only accessible to a user logged in to magpie as an administrator.
-These routes provide sensitive information about the birdhouse-deploy software stack and the machine
-that it is running on. It is highly discouraged to make these routes available to anyone who is not
-an administrator.
+The paths above are by default only accessible to a user logged in to magpie as an administrator or
+as a member of group ``monitoring``.  These routes provide sensitive information about the
+birdhouse-deploy software stack and the machine that it is running on. It is highly discouraged to
+make these routes available to anyone who does not have proper access permissions.
 
 
 How to Enable the Component