From 2eb4304b657d363fe2910594141c6d574e5c8188 Mon Sep 17 00:00:00 2001
From: Tyler Helmuth <12352919+TylerHelmuth@users.noreply.github.com>
Date: Thu, 12 Oct 2023 13:41:23 -0600
Subject: [PATCH 1/2] Add RBAC docs

---
 receiver/kubeletstatsreceiver/README.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/receiver/kubeletstatsreceiver/README.md b/receiver/kubeletstatsreceiver/README.md
index f69d3a7eb915..27db696c8913 100644
--- a/receiver/kubeletstatsreceiver/README.md
+++ b/receiver/kubeletstatsreceiver/README.md
@@ -228,3 +228,24 @@ The following parameters can also be specified:
 
 The full list of settings exposed for this receiver are documented [here](./config.go)
 with detailed sample configurations [here](./testdata/config.yaml).
+
+### Role-based access control
+
+The Kubelet Stats Receiver  needs `get` permissions on the `nodes/stats` resources. Additionally, when using `extra_metadata_labels` or any of the `{request|limit}_utilization` metrics the processor also needs `get` permissions for `nodes/proxy` resources.
+
+```yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: otel-collector
+rules:
+  - apiGroups: [""]
+    resources: ["nodes/stats"]
+    verbs: ["get"]
+    
+  # Only needed if you are using extra_metadata_labels or
+  # are collecting the request/limit utilization metrics
+  - apiGroups: [""]
+    resources: ["nodes/proxy"]
+    verbs: ["get"]
+```

From 98a79861a4a312ee8711fd312c3a4d9489812754 Mon Sep 17 00:00:00 2001
From: Tyler Helmuth <12352919+TylerHelmuth@users.noreply.github.com>
Date: Thu, 12 Oct 2023 14:22:28 -0600
Subject: [PATCH 2/2] Update receiver/kubeletstatsreceiver/README.md

Co-authored-by: Curtis Robert <92119472+crobert-1@users.noreply.github.com>
---
 receiver/kubeletstatsreceiver/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/receiver/kubeletstatsreceiver/README.md b/receiver/kubeletstatsreceiver/README.md
index 27db696c8913..f410039bcfcd 100644
--- a/receiver/kubeletstatsreceiver/README.md
+++ b/receiver/kubeletstatsreceiver/README.md
@@ -231,7 +231,7 @@ with detailed sample configurations [here](./testdata/config.yaml).
 
 ### Role-based access control
 
-The Kubelet Stats Receiver  needs `get` permissions on the `nodes/stats` resources. Additionally, when using `extra_metadata_labels` or any of the `{request|limit}_utilization` metrics the processor also needs `get` permissions for `nodes/proxy` resources.
+The Kubelet Stats Receiver needs `get` permissions on the `nodes/stats` resources. Additionally, when using `extra_metadata_labels` or any of the `{request|limit}_utilization` metrics the processor also needs `get` permissions for `nodes/proxy` resources.
 
 ```yaml
 apiVersion: rbac.authorization.k8s.io/v1