This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
Open Q&A
If there's no good subforum for your question - ask it here!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

RBAC Question for Hosts Access

GregOReilly
Advisor

‎20 Jan 2026 11:06 AM - edited ‎20 Jan 2026 11:12 AM

Hello,

We are working with a customer right now to onboard additional servers in Discovery mode to allow them to turn off the legacy tool.

The customer infrastructure manager only wants his team to be able to see the 1000+ servers, and is happy for any existing servers to be available to those existing users. His team are a service provider. They only need access to hosts (not logs, rum, spans, metrics and events only).

The infrastructure team also do not want everyone to see all servers.....just his team.

Is the right approach to TAG the new servers as INFRATEAMONLY=TRUE and then setup access for his team only see hosts with those tags?

Is there another way?

There are both classic and new apps we need to consider. Hosts Classic vs Infrastructure and Operations New.

Management Zones only work with Classic Apps.

Segments only work with new apps. Not Classic.

I cannot request a new tenant just for infrastructure monitoring because we have 100+ app servers in Full Stack. 

0 Kudos
Reply
5 REPLIES 5

AntonPineiro
DynaMight Guru
DynaMight Guru

‎20 Jan 2026 11:19 AM

Hi,

Maybe this recent video about Dynatrace IAM might be helpful.

Best regards

❤️ Emacs ❤️ Vim ❤️ Bash ❤️ Perl
Reply

GregOReilly
Advisor
In response to AntonPineiro

‎20 Jan 2026 11:23 AM

Thanks Anton, let me take a look.

 

0 Kudos
Reply

ChadTurner
DynaMight Legend
DynaMight Legend

‎20 Jan 2026 01:10 PM

The link that @AntonPineiro shared will be a great source for planning out what you want to do. You also hit the nail on the head, With the Classic away using Management Zones and the Gen 3 way, using the Infrastructure and Operations App with segments will be your biggest hang up as Management Zones and Segments achieve the same overall function, however, the two are vastly different when designing and setting them up. 

-Chad
Reply

GregOReilly
Advisor
In response to ChadTurner

‎22 Jan 2026 12:47 PM

So we followed the video above. Added the "hosts" we want to control access too. We added to a dedicated management zone and then added a policy to allow "my new role" with access to the management zone.

This only works for Classic Hosts Applications. Not New Infrastructure or Clouds Apps.

What is the process to align this access? A segment? 

GregOReilly_0-1769085998710.png

 

0 Kudos
Reply

GregOReilly
Advisor
In response to GregOReilly

‎22 Jan 2026 02:18 PM

To make things easy, we want to restrict access to hosts in Discovery Mode. One group for infrastructure teams will only be able to see those servers in Discovery. 

0 Kudos
Reply
Ask a question

Featured Posts