19 Feb 2015 01:56 AM - last edited on 17 Oct 2022 02:15 AM by Ana_Kuzmenchuk
How does Dynatrace support and reflect different roles in an organisation where it's important to have strict information segregation between application and/or platform domains? For example, is it possible to restrict/filter the information a specific user can access on a (shared) host depending on applications and/or services?
Solved! Go to Solution.
Hi @Enrico F.
Dynatrace supports different access rights. We distinguish account permissions (e.g. managing company contact info, editing payment details) and tenant permissions (e.g monitoring configuration). Dynatrace supports three tenant roles:
We are currently developing support for multi tenancy. You can then assign users to a specific tenant thus granting them access only to the applications/services which are present at the specific tenant.
Let me know if you need more details!
Hi Enrico, I like to add to Gerald's note the following:
* Dynatrace is 100% multi-tenant in the sense of 1 account is assigned to 1 tenant at this point in time. thus currently you can solve your problem through using multiple Dynatrace accounts.
* As Gerald mentioned we are actively working on a 1 account has 1...n tenants capability and will continue to add additional capabilities to define visibilities even within tenants, as we are well aware about needs in larger organizations through our experience with the Dynatrace products that run thousands of top businesses.
For a while we have multi tenancy support ready. If you are still interested in that feature feel free to contact us.
You can find an introduction into multi tenancy in our help system.
Thanks, but that link does no longer work (it simply redirects to https://help.dynatrace.com/)
However, I read the introduction regarding setup up of user groups and permissions and there I've seen that "environment-based permissions" are mentioned. My questions regarding this:
Hi @Enrico F.
Thanks for finding the broken link. We'll fix it as soon as possible!
A Dynatrace monitoring environment is where all root cause analysis and fault domain isolation take place. Your monitoring environment is where Dynatrace OneAgent sends its monitoring data. It also includes the dashboards, charts, and reports that you use to stay on top of your environment’s performance. Think of your monitoring environment as the analysis server that provides all application performance analysis and think of your Dynatrace Server as your cloud infrastructure within your data center.
You may want to set up dedicated monitoring environments to monitor your organization's development, staging, and production environments. Or maybe you want to maintain a separate monitoring environment for each of your organization's data centers.
For these reasons and more, Dynatrace allows you to monitor multiple environments simultaneously. The data from each additional monitoring environment you create are separated from the data monitored in your other environments. Though as a Dynatrace user, it's easy to switch between monitoring views for the separate environments.
So, you can have multiple environments per account. And components like services, hosts, and applications only belong to one environment.
Hi @Enrico F.
The link works again.
An environment comprises all of your monitoring data and it is separated from any other environments.
Each account can have multiple environments, e.g. for pre-prod and prod.
Components belong to one environment only.