https://community.dynatrace.com/t5/Open-Q-A/Is-there-an-easy-way-to-get-up-and-running-with-IAM-policies/m-p/267881#M35420 <P><SPAN class="TextRun SCXW123373163 BCX0" data-contrast="auto"><SPAN class="NormalTextRun SCXW123373163 BCX0">IAM policies offer granular access control to the Dynatrace platform and data; however, they can be overwhelming for </SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">new users</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">. If you </SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">opted to</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> create you</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">r</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> own custom groups</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> rather than the </SPAN><SPAN class="NormalTextRun ContextualSpellingAndGrammarErrorV2Themed SCXW123373163 BCX0">provided default groups</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">, </SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">and would like to quickly grant permissions</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">,</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> then </SPAN></SPAN><A class="Hyperlink SCXW123373163 BCX0" href="https://docs.dynatrace.com/docs/shortlink/default-groups-permissions#default-policies" target="_blank" rel="noreferrer noopener"><SPAN class="TextRun Underlined SCXW123373163 BCX0" data-contrast="none"><SPAN class="NormalTextRun SCXW123373163 BCX0" data-ccp-charstyle="Hyperlink">default policies</SPAN></SPAN></A><SPAN class="TextRun SCXW123373163 BCX0" data-contrast="auto"><SPAN class="NormalTextRun SCXW123373163 BCX0"> would be your best avenue. These are categorized into “Dynatrace Access” and “Data Access”</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> and already encapsulate all the individual permissions</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> you would need for typical access scenarios</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">. For example, you could assign “Standard User” and “Storage All Grail Data Read” to one of your user groups, to grant users of that group access to the Dynatrace platform and </SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">the </SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">ability to read all Grail records.</SPAN></SPAN><SPAN class="EOP SCXW123373163 BCX0" data-ccp-props="{&quot;335559685&quot;:720}">&nbsp;</SPAN></P> Mon, 20 Jan 2025 11:06:06 GMT Jon2 2025-01-20T11:06:06Z https://community.dynatrace.com/t5/Open-Q-A/Is-there-an-easy-way-to-get-up-and-running-with-IAM-policies/m-p/267880#M35419 <P><SPAN>What are the two categories of default IAM policies in Dynatrace, and what permissions do they typically grant?</SPAN></P> Mon, 20 Jan 2025 11:05:37 GMT https://community.dynatrace.com/t5/Open-Q-A/Is-there-an-easy-way-to-get-up-and-running-with-IAM-policies/m-p/267880#M35419 GosiaMurawska 2025-01-20T11:05:37Z https://community.dynatrace.com/t5/Open-Q-A/Is-there-an-easy-way-to-get-up-and-running-with-IAM-policies/m-p/267881#M35420 <P><SPAN class="TextRun SCXW123373163 BCX0" data-contrast="auto"><SPAN class="NormalTextRun SCXW123373163 BCX0">IAM policies offer granular access control to the Dynatrace platform and data; however, they can be overwhelming for </SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">new users</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">. If you </SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">opted to</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> create you</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">r</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> own custom groups</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> rather than the </SPAN><SPAN class="NormalTextRun ContextualSpellingAndGrammarErrorV2Themed SCXW123373163 BCX0">provided default groups</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">, </SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">and would like to quickly grant permissions</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">,</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> then </SPAN></SPAN><A class="Hyperlink SCXW123373163 BCX0" href="https://docs.dynatrace.com/docs/shortlink/default-groups-permissions#default-policies" target="_blank" rel="noreferrer noopener"><SPAN class="TextRun Underlined SCXW123373163 BCX0" data-contrast="none"><SPAN class="NormalTextRun SCXW123373163 BCX0" data-ccp-charstyle="Hyperlink">default policies</SPAN></SPAN></A><SPAN class="TextRun SCXW123373163 BCX0" data-contrast="auto"><SPAN class="NormalTextRun SCXW123373163 BCX0"> would be your best avenue. These are categorized into “Dynatrace Access” and “Data Access”</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> and already encapsulate all the individual permissions</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0"> you would need for typical access scenarios</SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">. For example, you could assign “Standard User” and “Storage All Grail Data Read” to one of your user groups, to grant users of that group access to the Dynatrace platform and </SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">the </SPAN><SPAN class="NormalTextRun SCXW123373163 BCX0">ability to read all Grail records.</SPAN></SPAN><SPAN class="EOP SCXW123373163 BCX0" data-ccp-props="{&quot;335559685&quot;:720}">&nbsp;</SPAN></P> Mon, 20 Jan 2025 11:06:06 GMT https://community.dynatrace.com/t5/Open-Q-A/Is-there-an-easy-way-to-get-up-and-running-with-IAM-policies/m-p/267881#M35420 Jon2 2025-01-20T11:06:06Z