The following sections provide information and instructions for assigning specific
Observability Platform tenant permissions to users through pre-defined roles.
Predefined
Observability Platform tenant Roles
These predefined roles allow administrators to define a user's actions in the Observability Platform tenant. They are Observability Platform tenant-specific with default permissions set and are not editable.
This page contains macros or features from a plugin which requires a valid license.
You will need to contact your administrator.
Cisco Observability Platform modules can also create roles through Solution Principals. Thus, if you subscribe to modules for Cloud Native Application Observability, you may see other roles in the Account Management Portal.
Can access other APIs meant for agent consumption.
User
Service Principal
Agent Principal
Config Manager
Inherits Troubleshooter Tenant role permissions.
Has full access to configure alerting, data sources, and other integrations.
Cannot perform administrator functions such as adding users to a tenant, modifying another user's access, or creating new service principals.
User
Service Principal
Observer
(Default)
Only has read-only access, but may not necessarily have access to read privileged information such as access configurations.
Users default to this role if you do not select a specific role for them.
Has read-only access to metrics, events, logs, and traces (MELT) data.
Cannot view configuration details.
User
Service Principal
Tenant Administrator
A Tenant Administratorcan access everything on a tenant except a public API that is not mapped to a permission.
User
Troubleshooter
Inherits Read Only Tenant role permissions.
Can manage health rules.
Can respond to system alerts.
Can troubleshoot issues.
User
Service Principal
Work with Role Assignments
Every user or Service Principal you assign to an
Observability Platform tenant has Observer access by default. You must assign the user or Service Principal to one of the available
Observability Platform tenant Roles to allow additional functionality.
To begin:
Navigate to Access Management > Tenant Roles.
Select an
Observability Platform tenant from the dropdown.
Click on a Role Name or highlight a row to expand the Role Details panel.
The Role Details panel provides three expandable and collapsible tabs:
Permissions tab—allows you to view and search the preset permissions for a role.
Users tab—allows you to assign an initial user and then displays a list of assigned users.
Service Principals tab—allows you to assign an initial Service Principal and then displays a list of assigned Service Principals.
Assign Users and Service Principals to Roles
Expand the Users or Service Principals tab.
If no assignment has been set up, click Assign users or Assign Service Principals.
Otherwise, click to add or remove them.
Check or uncheck one or more items to assign or unassign them to the role.