cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Grant Access to Dynatrace Environment API for Specific User Group

GerardoAud
Frequent Guest

Hi all,

I am currently managing access controls within our Dynatrace setup and have a question regarding the Dynatrace Environment API.

I would like to grant access to a specific group of users through a policy. Is there a way to define a policy statement to specify access to the Dynatrace Environment API?

 

Thank you for your assistance!

1 REPLY 1

Peter_Youssef
Champion

Hi @GerardoAud 

You have two options:

  1. The first option through the CMC UI directly > Home > Users > Policy management.

2024-10-03_18h53_20.png

Here is the policy statement as an example you can tailor it as per your requirements:

ALLOW settings:objects:write, settings:objects:read, settings:scheamas:write, WHERE settings:schemaId = "Environment API v2";

  • you can get the schema id from the rest Api as well.

2024-10-03_19h46_21.png

  2. Through the rest Api, create access token with "ServiceProviderAPI" scope > under API v2 

2024-10-03_18h39_00.png

2024-10-03_18h40_51.png

2024-10-03_18h44_00.png

Then

  • create a policy and then will bind the policy with the below post Api under Cluster API v2 > IAM - policy bindings

2024-10-03_18h47_18.png

2024-10-03_18h49_19.png

If you need to get the current schemas > Environment API V2.

2024-10-03_20h45_12.png

@GerardoAud I'm sure you will do it better than described, keep us posted Pro.

Regards,

Peter.

Featured Posts