This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Prevent javascript execution to users

Go to solution
paco_castillo
Observer

‎19 Feb 2025 09:41 AM - last edited on ‎20 Feb 2025 07:09 AM by Community Team

Hi Dynatrace community,

Is there a way to prevent users to execute javascript in apps? i.e Dashboards, workflows, notebooks etc...

The use case here is, we would need to prevent an user to create a javascript tile in the mentioned apps (to avoid malicious intents). Is there a permission in the policies for this?

The second use case is, can we prevent users to create a javascript tile but they can consume a dashboard/notebook/workflow that an user with elevated permissions have created?

Thanks!

Best regards,

Paco

0 Kudos
Reply
1 REPLY 1

Go to solution
erh_inetum
Champion

‎20 Feb 2025 03:00 PM

Hi Paco,

I think you can define a read-only IAM policy to the objects you need to.
Ex.:
ALLOW settings:objects:read, settings:schemas:read WHERE settings:schemaId IN ("builtin:dashboards.general","builtin:dashboards.presets","builtin:dashboards.image.allowlist");
ALLOW automation:workflows:read

 

However, someone may propose a more complete solution than mine.
Hope it helps anyway.
Regards,
Elena.

Reply
Ask a question

Featured Posts