topic How to limit WriteConfig permissions? in Dynatrace API

How to limit WriteConfig permissions?

sonya_patel — Fri, 12 Nov 2021 14:44:42 GMT

I have a Dynatrace user who needs access to WriteConfig API for particular management zones. She would like to add subscribers for reports via API.

It seems like Default API WriteConfig access cannot be limited.

Any ideas how I can achieve limiting user access to WriteConfig API?

Re: How to limit WriteConfig permissions?

ryan_ott — Tue, 27 Jul 2021 20:46:44 GMT

If a user only has access to particular management zones within an environment, and they create an API token with WriteConfig, then it should only have access to edit configurations within those management zones that they have access to in the UI. However, if a user has environment-wide permissions and they create an API token with WriteConfig, then I do not believe there is a way to limit that API token scope to particular management zones. Each API token can only read/edit based on the user's permissions who created the token. Hope this helps.

-Ryan

Re: How to limit WriteConfig permissions?

sonya_patel — Thu, 29 Jul 2021 11:55:47 GMT

Thank you Ryan. I will try your recommendation.