Re: Enforce dql query requirements

calfanonerey · ‎25 Aug 2025

Is there a way in the platform where I can enforce that a query MUST contain the "bucket" parameter. For example, I want all non-admin users to utilize buckets and if they don't they will not see any data. ie:

will show results:

fetch logs, bucket:{"my-service_logs"}

will NOT show results:
fetch logs

The end goal is to get people to utilize buckets to optimize queries

p_devulapalli · ‎26 Aug 2025

@calfanonerey You can configure IAM policy permissions to limit user access to specific buckets , so they would only see the data from the buckets they have permissions to view.

https://docs.dynatrace.com/docs/shortlink/assign-bucket-table-permissions

https://docs.dynatrace.com/docs/shortlink/iam-policystatements#storage

Phani Devulapalli

calfanonerey · ‎26 Aug 2025

Thanks! But if I have a user with the assigned buckets and they do a fetch logs command they will just see the data for all the buckets they have access to right? Ideally I would want them to use the buckets parameter otherwise they should not see any data

p_devulapalli · ‎26 Aug 2025

@calfanonerey Right, they would see all buckets they have access to, not sure there is a way currently to enforce a rule at DQL query level.

This is an interesting option to have , you can open a idea and see if it gets through

For now, I think educating the end-users on the DQL best practices is the option (I know its not easy)

Phani Devulapalli