Managing User Access
TABLE OF CONTENTS
Role-based access control is used to permit individual users to perform specific actions and get visibility to an access scope. Permissions are grouped into roles, and each user is assigned a unique role. By using permissions, you give the appropriate level of access to each user. Each user is assigned a single role, which comes with its associated permissions, and can be added to a specific group. This group sets the access scope and you can configure the visible areas for the group members.
- On the sidebar, click Settings -> Users -> Invite User.
Enter the email address of the person you want to invite. By default, a new user is assigned the
The invited user receives an email to complete their account setup.
On the sidebar, click Settings -> Roles.
By default, there are two available roles:
Default: All permissions are disabled. Users created through SSO/LDAP authentication are automatically assigned this role.
Owner: All permissions are enabled.
- To add a custom role, click New Role.
- Enter a name for the role and select from the following restriction and permissions.
Limit access by group access scope. Select this option to enable role-based access control for the user. Otherwise, the user access is not limited.
|Service & Endpoint Mapping||Gives permission to configure services and endpoints.|
|Website Monitoring Configuration||Gives permission to configure website monitoring.|
|User management||Gives permission to invite, modify, and remove user accounts.|
|Access role configuration||Gives permission to configure access roles and permissions for all users.|
|Access group configuration||Gives permission to configure access roles and permissions for all users.|
|Agent download and agent key visibility||Gives permission to access and configure the agent.|
|Access to license usage||Gives permission to access license usage information.|
|Configuration of integrations||Gives permission to create and configure alerting integrations.|
|Configuration of custom alerts||Gives permission to create and configure custom alerts and associated integrations.|
|Configuration of API tokens||Gives permission to create and configure API tokens.|
|Configuration of agent mode||Gives permission to create an agent mode through the UI.|
|Access to audit log||Gives permission to access the audit log for all users.|
|Configuration of agents||Gives permission to configure all agents through the UI.|
|Configuration of authentication methods||Gives permission to configure group authentication methods (e.g., 2FA/SSO).|
|Configuration of applications||Gives permission to create and configure applications.|
|Configuration of log management||Gives permission to configure log management.|
- Click Create.
- On the sidebar, click Settings -> Users.
- Click on a user.
- From the Role drop-down list, select the role you want to assign to the specific user.
- Save the user.
- On the sidebar, click Settings -> Groups -> New Group.
- Enter a name for the group.
- Add previously added users.
- Click Create.
- On the sidebar, click Settings -> Groups.
- Click on a group.
- Click on Add Areas on the areas list.
Select from the following product areas:
- Applications: Enable access to application perspectives from the list.
- Kubernetes Clusters: Enable access to kubernetes clusters from the list.
- Kubernetes Namespaces: Enable access to kubernetes namespaces from the list.
- Websites: Enable access to websites from the list.
- Mobile Apps: Enable access to mobile applications from the list.
- Infrastructure DFQ: Enable access to a given dynamic focus query.
- Application Perspectives: User can view the Application Perspectives in the Applications list, the related services in the Services list, the monitored hosts on the Infrastructure Map, and has access to Analytics.
- Kubernetes Clusters: User can view the Kubernetes Clusters in the Clusters list, on the Infrastructure Map, and has access to Analytics..
- Kubernetes Namespaces: User can view the Kubernetes Namespaces in the Namespaces list, on the Infrastructure Map, and has access to Analytics.
- Websites: User can view the website listed on the Websites page and has access to Analytics.
- Mobile Apps: User can view the mobile applications on the Mobile Apps page and has access to Analytics.
- Infra DFQ: User can view the entities matching the dynamic focus filter on the Infrastructure Map.
- Click Create.
All user activity is logged to the audit log.