backport of commit dac2ffc (#29340)

Co-authored-by: Theron Voran <[email protected]>

website/content/docs/platform/k8s/injector/annotations.mdx

@@ -28,7 +28,7 @@ them, optional commands to run, etc.
 
 - `vault.hashicorp.com/agent-image` - name of the Vault docker image to use. This
   value overrides the default image configured in the injector and is usually
-  not needed. Defaults to `hashicorp/vault:1.18.1`.
+  not needed. Defaults to `hashicorp/vault:1.18.2`.
 
 - `vault.hashicorp.com/agent-init-first` - configures the pod to run the Vault Agent
   init container first if `true` (last if `false`). This is useful when other init

website/content/docs/platform/k8s/injector/index.mdx

@@ -189,6 +189,33 @@ The configuration map must contain either one or both of the following files:
 
 An example of mounting a Vault Agent configmap [can be found here](/vault/docs/platform/k8s/injector/examples#configmap-example).
 
+### Injector telemetry
+
+<Tip>
+
+Set [`injector.metrics.enabled`](/vault/docs/platform/k8s/helm/configuration#metrics) 
+to `true` in the Helm chart to start collecting injector metrics.
+
+</Tip>
+
+Vault Agent injector collects the following Prometheus metrics in addition to
+the default set of `golang` metrics:
+
+- `vault_agent_injector_request_queue_length` - The number of pending webhook requests for the injector.
+
+- `vault_agent_injector_request_processing_duration_ms` - A histogram of webhook
+  request processing times in milliseconds.
+
+- `vault_agent_injector_injections_by_namespace_total` - The total count of
+  Agent container injections, grouped by Kubernetes `namespace` and `injection_type`.
+  Vault Agent injector counts the following injection types:
+    - `init_only`
+    - `sidecar_only`
+    - `init_and_sidecar`
+
+- `vault_agent_injector_failed_injections_by_namespace_total` - The total count
+  of failed Agent sidecar injections, grouped by Kubernetes `namespace`.
+
 ## Tutorial
 
 Refer to the [Injecting Secrets into Kubernetes Pods via Vault Helm