diff --git a/cli/cmd/resources/README.md b/cli/cmd/resources/README.md
index 37beeaf66..00c6335e7 100644
--- a/cli/cmd/resources/README.md
+++ b/cli/cmd/resources/README.md
@@ -32,7 +32,8 @@ In this doc, we'll keep track of the permissions requested across different reso
 | Collector    | ""        | endpoints                                                                  | get, list, watch                                | Needed for load balancer.                                                             |
 | Collector    | policy    | podsecuritypolicies                                                        | use                                             | Supports clients enabling pod security policies (optional).                           |
 | UI           | ""        | namespaces                                                                 | get, list, patch                                | Required to retrieve and modify namespace configurations during instrumentation.      |
-| UI           | ""        | services, pods                                                             | get, list                                       | Required for discovering potential destinations and describing application workloads. |
+| UI           | ""        | services                                                                   | get, list                                       | Required for discovering potential destinations and describing application workloads. |
+| UI           | ""        | pods                                                                       | get, list, watch                                | Required for discovering potential destinations and describing application workloads, and for updating collector metrics.  |
 | UI           | apps      | deployments, statefulsets, daemonsets                                      | get, list, patch, update                        | Needed for application instrumentation.                                               |
 | UI           | apps      | replicasets                                                                | get, list                                       | Used for describing source and application configurations.                            |
 | UI           | odigos.io | instrumentedapplications, instrumentationinstances, instrumentationconfigs | get, list, watch                                | Used to retrieve and monitor instrumented applications and configurations.            |
diff --git a/cli/cmd/resources/ui.go b/cli/cmd/resources/ui.go
index de9a2ca14..e9253372d 100644
--- a/cli/cmd/resources/ui.go
+++ b/cli/cmd/resources/ui.go
@@ -225,11 +225,16 @@ func NewUIClusterRole() *rbacv1.ClusterRole {
 				Verbs:     []string{"get", "list"},
 			},
 			{ // Need "services" for "Potential Destinations"
-				// Need "pods" for "Describe Source"
 				APIGroups: []string{""},
-				Resources: []string{"services", "pods"},
+				Resources: []string{"services"},
 				Verbs:     []string{"get", "list"},
 			},
+			{ // Need "pods" for "Describe Source"
+			  // for collector metrics - watch and list collectors pods
+				APIGroups: []string{""},
+				Resources: []string{"pods"},
+				Verbs:     []string{"get", "list", "watch"},
+			},
 			{ // Needed to read Odigos entities
 				APIGroups: []string{"odigos.io"},
 				Resources: []string{"instrumentedapplications", "instrumentationinstances", "instrumentationconfigs"},
diff --git a/helm/odigos/templates/ui/clusterrole.yaml b/helm/odigos/templates/ui/clusterrole.yaml
index db40122df..982351e11 100644
--- a/helm/odigos/templates/ui/clusterrole.yaml
+++ b/helm/odigos/templates/ui/clusterrole.yaml
@@ -33,10 +33,17 @@ rules:
       - ''
     resources:
       - services
+    verbs:
+      - get
+      - list
+  - apiGroups:
+      - ''
+    resources:
       - pods
     verbs:
       - get
       - list
+      - watch
   - apiGroups:
       - odigos.io
     resources: