From d41d36b44f73d354bda1a780c0e5391e31bc8c6d Mon Sep 17 00:00:00 2001
From: Alex Fenlon <a.fenlon@f5.com>
Date: Thu, 18 Sep 2025 11:54:52 +0100
Subject: [PATCH 1/2] fix: Add volume mounts for NIC Security Monitoring due to
 missing permissions

---
 content/nic/tutorials/security-monitoring.md | 23 +++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/content/nic/tutorials/security-monitoring.md b/content/nic/tutorials/security-monitoring.md
index 24ec21b9c..b2fd73c88 100644
--- a/content/nic/tutorials/security-monitoring.md
+++ b/content/nic/tutorials/security-monitoring.md
@@ -82,13 +82,26 @@ If you use custom container images, NGINX Agent must be installed along with NGI
 
 {{< call-out "note" >}} The `features` list must not contain `nginx-config-async` or `nginx-ssl-config` as these features can cause conflicts with NGINX Ingress Controller.{{< /call-out >}}
 
-3. Make sure that the ConfigMap is mounted to the NGINX Ingress Controller pod at `/etc/nginx-agent/nginx-agent.conf` by adding the following to the NGINX Ingress Controller deployment manifest:
+3. Make sure that the ConfigMap is mounted to the NGINX Ingress Controller pod at `/etc/nginx-agent/nginx-agent.conf` and the dynamic agent config is mounted at `/var/lib/nginx-agent` by adding the following volumes and volumeMounts to the NGINX Ingress Controller deployment manifest:
 
+   **Volumes:**
    ```yaml
-    volumeMounts:
-    - name: agent-conf
-      mountPath: /etc/nginx-agent/nginx-agent.conf
-      subPath: nginx-agent.conf
+   volumes:
+     - name: agent-conf
+       configMap:
+         name: agent-conf
+     - name: agent-dynamic
+       emptyDir: {}
+   ```
+
+   **Volume Mounts:**
+   ```yaml
+   volumeMounts:
+     - name: agent-conf
+       mountPath: /etc/nginx-agent/nginx-agent.conf
+       subPath: nginx-agent.conf
+     - name: agent-dynamic
+       mountPath: /var/lib/nginx-agent
    ```
 
 4. Follow the [Installation with Manifests]({{< ref "/nic/installation/installing-nic/installation-with-manifests.md" >}}) instructions to deploy NGINX Ingress Controller with custom resources enabled.

From 99e42c8691c7794ea0a4f4a48e1e965d99a27ac6 Mon Sep 17 00:00:00 2001
From: Alex Fenlon <a.fenlon@f5.com>
Date: Thu, 18 Sep 2025 12:01:15 +0100
Subject: [PATCH 2/2] remove bold text

---
 content/nic/tutorials/security-monitoring.md | 2 --
 1 file changed, 2 deletions(-)

diff --git a/content/nic/tutorials/security-monitoring.md b/content/nic/tutorials/security-monitoring.md
index b2fd73c88..b5ae2110c 100644
--- a/content/nic/tutorials/security-monitoring.md
+++ b/content/nic/tutorials/security-monitoring.md
@@ -84,7 +84,6 @@ If you use custom container images, NGINX Agent must be installed along with NGI
 
 3. Make sure that the ConfigMap is mounted to the NGINX Ingress Controller pod at `/etc/nginx-agent/nginx-agent.conf` and the dynamic agent config is mounted at `/var/lib/nginx-agent` by adding the following volumes and volumeMounts to the NGINX Ingress Controller deployment manifest:
 
-   **Volumes:**
    ```yaml
    volumes:
      - name: agent-conf
@@ -94,7 +93,6 @@ If you use custom container images, NGINX Agent must be installed along with NGI
        emptyDir: {}
    ```
 
-   **Volume Mounts:**
    ```yaml
    volumeMounts:
      - name: agent-conf