This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Dashboard Access Policies/Permissions

PedroSantos
Advisor

‎28 Feb 2025 03:47 PM - last edited on ‎03 Mar 2025 10:41 AM by Community Team

Hello community,

The issue I'm facing today is that I'm trying to give a specific user read access to a single dashboard (inside the Dashboards app, so not classic) in my environment. This user should only have this permission, and access to nothing else.

However I can't seem to be able to figure out a simple/effective way to do it.

Can anyone give me pointers on how to do this?

Thanks in advance x)

To make an error is human. To spread the error across all servers in an automated way is DevOps.
0 Kudos
Reply
5 REPLIES 5

KeeganNelson
Dynatrace Advisor
Dynatrace Advisor

‎28 Feb 2025 07:11 PM

Hello PedroSantos. 

Within individual dashboards there is an option to "share" dashboard. There is an opportunity to share access to people and groups that are in your environment with "can view' or "can edit" access. As well as an opportunity to create a link with the same permissions. Please refer to the screenshot below. 

KeeganNelson_0-1740769885022.png


Hope this helps!



Reply

AgataWlodarczyk
Community Team
Community Team
In response to KeeganNelson

‎04 Mar 2025 09:11 AM

@PedroSantos does it solve your case? 🙂

When passion meets people magic and innovation happen.
Reply

AntonioSousa
DynaMight Guru
DynaMight Guru
In response to AgataWlodarczyk

‎12 Mar 2025 06:30 PM

@AgataWlodarczyk,

Unfortunately, no. It seems it's not possible. As the use-case seems particularly relevant, I have posted a Product Idea: https://community.dynatrace.com/t5/Product-ideas/Hide-Ready-made-dashboards/idi-p/272303

Antonio Sousa
Reply

PedroSantos
Advisor
In response to KeeganNelson

‎05 Mar 2025 05:06 PM

Hello @KeeganNelson ,

Unfortunately, this does not solve my problem. The link or share option, by itself, doesn't grant access to anything.

Case in point, I have a test user with the right "shared" permissions on my dashboard:

PedroSantos_1-1741193316707.png

(The "Can Edit" option doesn't work either)

And this is what the test user sees:

PedroSantos_2-1741193394398.png

Generating a link for access provides the following results:

Screenshot from 2025-03-05 16-51-54.png

 

Bluntly put, it's not possible to grant access to a user who doesn't have the permission to, for example, see the dashboards app. In my case the user has permissions to see the dashboards app but something is missing.

In order for a user to be able to see the new dashboards app, and then only the dashboard I want them to see, they need actual permissions likely defined by policies.

I tried to tweak with the policies and grant access but with this access, comes the ability to see to a lot of pre-set dashboards:

PedroSantos_0-1741192987083.png

I don't want them to be able to see any of this.

So my question evolves to:

What permissions and/or policies do I need to define in order to ensure a user only has access to a single dashboard?

I understand that at the very least they'll need to have access to the dashboards app so I added this:

ALLOW app-engine:apps:run WHERE shared:app-id = "dynatrace.dashboards";

Given there isn't an "easy" way to do this, what else do I need to add?

To make an error is human. To spread the error across all servers in an automated way is DevOps.
0 Kudos
Reply

moin_DT1
Helper

‎05 Mar 2025 05:13 PM

@PedroSantos Also you can try using custom Policies and Boundaries, where you can defined exactly what you want to share and to whom you want to share:

https://docs.dynatrace.com/docs/shortlink/iam

0 Kudos
Reply
Ask a question

Featured Posts