topic Re: Enforce dql query requirements in Open Q&A

Enforce DQL query requirements

calfanonerey — Tue, 30 Dec 2025 15:31:07 GMT

Is there a way in the platform where I can enforce that a query MUST contain the "bucket" parameter. For example, I want all non-admin users to utilize buckets and if they don't they will not see any data. ie:

will show results:

fetch logs, bucket:{"my-service_logs"}

will NOT show results:
fetch logs

The end goal is to get people to utilize buckets to optimize queries

Re: Enforce dql query requirements

p_devulapalli — Tue, 26 Aug 2025 01:24:37 GMT

@calfanonerey You can configure IAM policy permissions to limit user access to specific buckets , so they would only see the data from the buckets they have permissions to view.

https://docs.dynatrace.com/docs/shortlink/assign-bucket-table-permissions

https://docs.dynatrace.com/docs/shortlink/iam-policystatements#storage

Re: Enforce dql query requirements

calfanonerey — Tue, 26 Aug 2025 18:27:37 GMT

Thanks! But if I have a user with the assigned buckets and they do a fetch logs command they will just see the data for all the buckets they have access to right? Ideally I would want them to use the buckets parameter otherwise they should not see any data

Re: Enforce dql query requirements

p_devulapalli — Tue, 26 Aug 2025 22:44:47 GMT

@calfanonerey Right, they would see all buckets they have access to, not sure there is a way currently to enforce a rule at DQL query level.

This is an interesting option to have , you can open a idea and see if it gets through

For now, I think educating the end-users on the DQL best practices is the option (I know its not easy)