See Only What’s Required With Instana’s Granular Role Based Access Control

July 9, 2020

Role Based Access Control

At Instana, we’ve spent years democratizing access to Application Performance Monitoring (APM). So when it came time to enhance the Role Based Access Control (RBAC) capabilities for our growing enterprise customers, we wanted to do more than just add access control. We wanted to add value for our users, not just limit their access.

Across the board at customers, we’ve seen large increases in the number of developers and operators using Instana on a daily basis. With the number of developers, operators, and teams constantly growing, it’s even more essential to deliver the right insights to the right person at the right time so they can make the best possible decision at any given moment. This need grows as the application environments become more complex overtime.

Any organization dealing with distributed, microservices based applications needs RBAC to be inclusive, meaning the more groups a person or team is added to, the more access they have to the product. This ensures end users always have the full context needed to deliver the best experience possible to their customers.

Instana’s RBAC also has an added benefit, along with helping users focus on the areas of the product they’re responsible for, it is also more secure for their customers. By giving access only to the areas required to do their job, it limits the number of users that have access to sensitive information. This is why having tight access control is a key component of passing security certifications such as meeting SOC 2 compliance.

Easy and Granular Role Based Access Control

Instana’s easy to use, granular RBAC keeps users focused on the areas of the product they’re responsible for. Limiting the number of visible Applications or Services to those that are relevant to a specified group, ensures engineers are not overwhelmed by the noise of applications and services they’re not responsible for.

Within Instana’s RBAC, every user is assigned a role. Out of the box, Instana’s RBAC comes with 2 available roles – Default and Owner. The Default role has all permissions disabled until they are added to specific groups. Users that are created through SSO or LDAP authentication are automatically assigned to the Default role. The Owner role has all permissions enabled by default. Administrators can also create custom roles, which can be assigned any combination of permissions deemed necessary.

Word Image 226

Create and manage groups/permissions Creating groups in Instana is how permissions are granted to users. Groups are generally used to organize Teams, ensuring that all teams have access to the data they need to successfully manage their use cases. Within each group, you can define the permission to enable areas of the product like:

Word Image 227

Define access areas

Once an area of the product has been added to the group, you can further grant access to specific areas within each product.

Word Image 228

Websites (End User Monitoring): Enable access to specific monitored websites and decide whether to permit access to the full analytics for those monitored websites.

Mobile: Enable access to mobile applications being monitored and determine if users should be enabled access to mobile analytics.

Application: Grant permissions for specific Application Perspectives that include the surrounding infrastructure, all traces that have a call or calls matching the criteria of the Application Perspective, and all services of the Application Perspective.

Kubernetes: Grant permissions for things like all namespaces within a specified cluster and determine if the surrounding infrastructure should also be permitted.

Instana has ensured that even with RBAC in place, users can still get the full context of what they’re viewing with Context Guide. Context Guide provides users with the complete upstream and downstream stack of the specific service, application, or infrastructure being viewed. This ensures that users always have the full context they need to make appropriately informed decisions.

Word Image 229

Get started with RBAC in your Instana instance today. If you don’t already have an Instana instance, check out RBAC with a free trial instance now.

Play with Instana’s APM Observability Sandbox

Instana is proud to announce the successful completion of our initial SOC 2 compliance audit. At Instana, state-of-the-art security is essential for our customers, for the services we operate for them and...

Start your FREE TRIAL today!

Instana, an IBM company, provides an Enterprise Observability Platform with automated application monitoring capabilities to businesses operating complex, modern, cloud-native applications no matter where they reside – on-premises or in public and private clouds, including mobile devices or IBM Z.

Control hybrid modern applications with Instana’s AI-powered discovery of deep contextual dependencies inside hybrid applications. Instana also gives visibility into development pipelines to help enable closed-loop DevOps automation.

This provides actionable feedback needed for clients as they to optimize application performance, enable innovation and mitigate risk, helping Dev+Ops add value and efficiency to software delivery pipelines while meeting their service and business level objectives.

For further information, please visit