https://community.dynatrace.com/t5/Open-Q-A/Policy-replacing-quot-View-and-manage-users-and-groups/m-p/244294#M32083 <P>Hi, according to this data, you only have the option to give View and Manage User and Groups permissions, not only view.</P><P><A href="https://docs.dynatrace.com/docs/shortlink/account-management-permissions#permissions-table" target="_blank">https://docs.dynatrace.com/docs/shortlink/account-management-permissions#permissions-table</A>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="DanielS_0-1714413844018.png" style="width: 400px;"><img src="https://community.dynatrace.com/t5/image/serverpage/image-id/19522iF9B16DF8588F467F/image-size/medium?v=v2&amp;px=400" role="button" title="DanielS_0-1714413844018.png" alt="DanielS_0-1714413844018.png" /></span></P><P>&nbsp;</P> Mon, 29 Apr 2024 19:19:23 GMT DanielS 2024-04-29T19:19:23Z https://community.dynatrace.com/t5/Open-Q-A/Policy-replacing-quot-View-and-manage-users-and-groups/m-p/244258#M32082 <P>Hello respected community memembers,<BR /><BR />in Dynatrace classic permission we can assign to groups:</P> <UL class=""> <LI> <P class="">View and manage users and groups (Permissions)</P> </LI> </UL> <P class="">I' m looking for a way to set up a IAM policy That will split the permission as:</P> <P class="">&nbsp;</P> <UL> <LI>Policy 1: ALLOW View Users and Groups</LI> <LI>Policy 2: ALLOW Manage Users and Groups</LI> </UL> <P>Is this possible?</P> <P>&nbsp;</P> Mon, 06 May 2024 13:29:00 GMT https://community.dynatrace.com/t5/Open-Q-A/Policy-replacing-quot-View-and-manage-users-and-groups/m-p/244258#M32082 y_buccellato 2024-05-06T13:29:00Z https://community.dynatrace.com/t5/Open-Q-A/Policy-replacing-quot-View-and-manage-users-and-groups/m-p/244294#M32083 <P>Hi, according to this data, you only have the option to give View and Manage User and Groups permissions, not only view.</P><P><A href="https://docs.dynatrace.com/docs/shortlink/account-management-permissions#permissions-table" target="_blank">https://docs.dynatrace.com/docs/shortlink/account-management-permissions#permissions-table</A>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="DanielS_0-1714413844018.png" style="width: 400px;"><img src="https://community.dynatrace.com/t5/image/serverpage/image-id/19522iF9B16DF8588F467F/image-size/medium?v=v2&amp;px=400" role="button" title="DanielS_0-1714413844018.png" alt="DanielS_0-1714413844018.png" /></span></P><P>&nbsp;</P> Mon, 29 Apr 2024 19:19:23 GMT https://community.dynatrace.com/t5/Open-Q-A/Policy-replacing-quot-View-and-manage-users-and-groups/m-p/244294#M32083 DanielS 2024-04-29T19:19:23Z https://community.dynatrace.com/t5/Open-Q-A/Policy-replacing-quot-View-and-manage-users-and-groups/m-p/244296#M32084 <P>But If you do it by API, you can choose the token scope for read or write access only:</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="DanielS_0-1714418657708.png" style="width: 400px;"><img src="https://community.dynatrace.com/t5/image/serverpage/image-id/19525iFC4B84714D4DD25C/image-size/medium?v=v2&amp;px=400" role="button" title="DanielS_0-1714418657708.png" alt="DanielS_0-1714418657708.png" /></span></P><P>&nbsp;</P> Mon, 29 Apr 2024 19:25:18 GMT https://community.dynatrace.com/t5/Open-Q-A/Policy-replacing-quot-View-and-manage-users-and-groups/m-p/244296#M32084 DanielS 2024-04-29T19:25:18Z https://community.dynatrace.com/t5/Open-Q-A/Policy-replacing-quot-View-and-manage-users-and-groups/m-p/244331#M32089 <P>My final scope would be to edit groups and assign permission to it, without ever editing the users (or blocking the ability of manually adding users from Dynatrace). That is why I'm looking into the subjects</P> Tue, 30 Apr 2024 07:16:41 GMT https://community.dynatrace.com/t5/Open-Q-A/Policy-replacing-quot-View-and-manage-users-and-groups/m-p/244331#M32089 y_buccellato 2024-04-30T07:16:41Z