Guide: https://source.redhat.com/groups/public/openshiftplatformsre/wiki/backplane_cluster_permissions

The IMS backplane configuration files should define namespaces your team needs access to, and what kinds of actions the team needs to take to solve alerts:
How to figure out the RBAC you need as an SRE:

Standard Operating Procedures (SOPS) define how to respond to alerts. What alerts will your team respond to? How will you solve them.

What verbs and kinds do you need access to to accomplish your SOPS?

App Topology:
What name spaces does your app create that you need access to?

Best practices: Keep in mind most amount of actions least amount of access. If you’re a backplane user can this be solved with a backplane script instead of adding the permission?

RBAC Guidelines: https://docs.google.com/document/d/12B7JtF3m6ZXzp6OtMTmIUqC5ZvWsBk988sVf1IhLIJc/edit 

Example Managed Cluster Config: https://github.com/openshift/managed-cluster-config/tree/master/deploy/backplane/cssre