https://community.dynatrace.com/t5/Open-Q-A/Group-based-permissions-management/m-p/220171#M27949 <P>We grant access based off the groups to ensure each team/group sees the data particular to their scope. For Example, EasyTravel Team gets to see everything in Management Zone Easy Travel</P> Tue, 08 Aug 2023 15:50:05 GMT ChadTurner 2023-08-08T15:50:05Z https://community.dynatrace.com/t5/Open-Q-A/Group-based-permissions-management/m-p/218420#M27596 <P>Hi Folks,&nbsp;<BR />&nbsp;How do you manage your group policy for the Departments?&nbsp;<BR />For instance, are you limiting the Database department to see only DB hosts with Statements and Queries?&nbsp;<BR />Let's share some thoughts about it.&nbsp;<BR /><BR />My manage access for DB team is next:&nbsp;</P> <DIV class=""> <DIV class=""> <DIV class="">&nbsp;</DIV> </DIV> </DIV> <DIV class=""> <DIV class=""> <DIV class=""> <P><STRONG>Account permissions</STRONG><BR />View account</P> <P><STRONG><BR />Environment permissions</STRONG></P> <P>View environment</P> <P>View logs</P> <P><STRONG><BR />Management zone permissions</STRONG><BR />No permissions</P> <P><STRONG>Policies</STRONG><BR /><BR /><STRONG>Account policies</STRONG><BR />Settings Reader</P> <P>Storage All System Data Read</P> <P>Storage Default Monitoring Read</P> <P>Storage Entities Read</P> <P>Storage Events Read</P> <P>Storage Logs Read</P> <P>Storage Metrics Read</P> <P>Storage Spans Read</P> <P><STRONG><BR />Environment policies</STRONG><BR />No policies</P> <P class="">Am I missing something based on your experience? or should I consider anything else?&nbsp;<BR />Thanks.&nbsp;</P> </DIV> </DIV> </DIV> Wed, 19 Jul 2023 06:59:59 GMT https://community.dynatrace.com/t5/Open-Q-A/Group-based-permissions-management/m-p/218420#M27596 Vakho 2023-07-19T06:59:59Z https://community.dynatrace.com/t5/Open-Q-A/Group-based-permissions-management/m-p/220171#M27949 <P>We grant access based off the groups to ensure each team/group sees the data particular to their scope. For Example, EasyTravel Team gets to see everything in Management Zone Easy Travel</P> Tue, 08 Aug 2023 15:50:05 GMT https://community.dynatrace.com/t5/Open-Q-A/Group-based-permissions-management/m-p/220171#M27949 ChadTurner 2023-08-08T15:50:05Z https://community.dynatrace.com/t5/Open-Q-A/Group-based-permissions-management/m-p/220331#M27978 <P>In addition to this: you can use Management zones to allow people to read data and also get the right alerting.</P><P>&nbsp;</P><P>Next to that&nbsp; you can set up specific access rights to allow people to do certain tasks or change settings.&nbsp;</P><P>I would suggest to be very specific whilst creating these extra policies.</P><P>If your DB team shouldn't see everything, make sure to only grant them permissions to a certain predefined management zone.</P> Wed, 09 Aug 2023 18:51:27 GMT https://community.dynatrace.com/t5/Open-Q-A/Group-based-permissions-management/m-p/220331#M27978 michiel_otten 2023-08-09T18:51:27Z https://community.dynatrace.com/t5/Open-Q-A/Group-based-permissions-management/m-p/220332#M27979 <P>Thank you&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/14877">@ChadTurner</a>&nbsp; and&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/4669">@michiel_otten</a>&nbsp;<BR />I've played around with the policies and seems it has very flexible possibilities with the permissions.&nbsp;<BR />Still playing <span class="lia-unicode-emoji" title=":grinning_face_with_smiling_eyes:">😄</span> If I will came across something interesting I will share it with the community for sure.&nbsp;<BR /><BR /></P> Wed, 09 Aug 2023 18:54:17 GMT https://community.dynatrace.com/t5/Open-Q-A/Group-based-permissions-management/m-p/220332#M27979 Vakho 2023-08-09T18:54:17Z