Added information about the dedicated-admin role

modules/dedicated-managing-service-accounts.adoc

@@ -9,6 +9,24 @@ Service accounts are API objects that exist within each project. To manage
 service accounts, you can use the `oc` command with the `sa` or `serviceaccount`
 object type or use the web console.
 
+The *dedicated-admin* service creates the *dedicated-admins* group. This group is
+granted the roles at the cluster or individual project level. Users can be
+assigned to this group and group membership defines who has OpenShift Dedicated
+administrator access. However, by design, service accounts cannot be added to
+regular groups.
+
+Instead, the dedicated-admin service creates a special project for this purpose
+named *dedicated-admin*. The service account group for this project is granted
+OpenShift Dedicated *admin* roles, granting OpenShift Dedicated administrator
+access to all service accounts within the *dedicated-admin* project. These service
+accounts can then be used to perform any actions that require OpenShift
+Dedicated administrator access.
+
+Users that are members of the *dedicated-admins* group, and thus have been granted
+the *dedicated-admin* role, have `edit` access to the *dedicated-admin* project. This
+allows these users to manage the service accounts in this project and create new
+ones as needed. 
+
 To get a list of existing service accounts in the current project, run:
 
 ----