FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Settings 2.0 - Policy to set key user actions

Go to solution
PedroDeodato
DynaMight Pro
DynaMight Pro

‎14 Aug 2023 12:36 PM - last edited on ‎14 Aug 2023 03:14 PM by Community Team

I was trying to create a policy so that I can give a user the permission to set Key User Actions, without giving them permissions to Edit the whole application, nor giving them access to the Environment's whole Settings page (i.e., I do not want to put them in the Monitoring Admin user group).

This user just needs to be able to set a User Action as key (and remove it from key, afterwards, if needed).

 

I notice that something similar can be done at the Services level: one can be given the permission to Write on the "Key Requests" list, and so set requests as Key...

As sugested on the "Key Requests" settings page on a given service:

PedroDeodato_0-1692012385509.png

The policy should look something like:

ALLOW settings:objects:read, settings:objects:write, settings:schemas:read
WHERE settings:schemaId = "builtin:settings.subscriptions.service";

 

Is something similar available to Key User Actions?
I know that this sort of page does not exist at the Application level, but I was wondering if the permission to set a User Action as Key (which does not require access to any settings page, just the button on the User Action page) could be granted via any existing policy?

Best regards, Pedro Deodato
Labels:
Reply
8 REPLIES 8

Go to solution
Julius_Loman
DynaMight Legend
DynaMight Legend

‎14 Aug 2023 12:45 PM

Afaik there is no such schema you can use for key user action (at this time).

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner
Reply

Go to solution
PedroDeodato
DynaMight Pro
DynaMight Pro
In response to Julius_Loman

‎14 Aug 2023 02:35 PM

Thanks, @Julius_Loman !
I've searched and searched, so I assume that as well... I'll probably post it as a Product Idea 🙂

Best regards, Pedro Deodato
Reply

Go to solution
Julius_Loman
DynaMight Legend
DynaMight Legend
In response to PedroDeodato

‎14 Aug 2023 02:48 PM

If there is no schema for it, then you can't use the settings API to modify it. Such schema is not listed in the docs, you can check the settings API to fetch a current schema list - maybe there is already something not yet listed in the docs.

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner
Reply

Go to solution
PedroDeodato
DynaMight Pro
DynaMight Pro
In response to Julius_Loman

‎14 Aug 2023 03:48 PM

Yep, that was what we did and found nothing to address our issue...

In the process, besides this one case, we found other interesting settings that have no schema for them... maybe we'll gather a list to post as Ideas, because such cases with the need for more granular permissions keep arising here and there: and, as you said, without schemas, there's nothing we can do about it 😞

Best regards, Pedro Deodato
0 Kudos
Reply

Go to solution
Kenny_Gillette
DynaMight Leader
DynaMight Leader
In response to PedroDeodato

‎21 Dec 2023 08:15 PM

I have documented everything that I can think of in a spreadsheet for Schema 1.0, 2.0 and no schema.

Here is link on no schema:

https://community.dynatrace.com/t5/Open-Q-A/Settings-1-0-2-0-and-some-settings-are-on-neither/m-p/23...

 

Dynatrace Certified Professional
Reply

Go to solution
radek_jasinski
DynaMight Guru
DynaMight Guru
In response to Kenny_Gillette

‎21 Dec 2023 09:42 PM

@Kenny_Gillette You have done a super job! It seems to be all there.

Have a nice day!
Reply

Go to solution
DanielS
DynaMight Guru
DynaMight Guru

‎14 Aug 2023 03:16 PM

Hi @PedroDeodato Same issue here, only role to access the button is change monitoring settings at least under Management Zone permissions, not doable via policy.

The true delight is in the finding out rather than in the knowing.
Reply

Go to solution
Mohamed_Hamdy
DynaMight Champion
DynaMight Champion
In response to DanielS

‎15 Aug 2023 09:17 AM

Yes, I've faced the same issue but with extensions configurations 

https://www.dynatrace.com/support/help/shortlink/iam-policystatements#extensions-configurations-writ...

 

Certified Dynatrace Professional | Certified Dynatrace Services Delivery - Observability & CloudOps | Dynatrace Partner - yourcompass.ca
0 Kudos
Reply
Ask a question

Featured Posts