AppDynamics switched from Semantic Versioning to Calendar Versioning starting in February 2020 for some agents and March 2020 for the entire product suite.

    Skip to end of metadata
    Go to start of metadata

    Related Pages:

    Your Rating:
    1 Star2 Star3 Star4 Star5 Star
    29 rates

    This page provides an overview of roles and permissions in AppDynamics.

    Roles define a set of permissions that users of the Controller may have within the AppDynamics-managed environment. This is also called role-based access control, or RBAC. 

    The Controller UI enables you to apply permissions at a granular level. For example, you can grant permission to configure only a single application or a particular tier or to access a particular feature of the UI, such as custom dashboards.

    Predefined Roles

    The Controller UI includes predefined roles for administrator and read-only users. You cannot edit the predefined role permissions, however, you can create new roles as described in Creating Custom Roles.

    The Controller UI includes these roles:

    • Account Owner: Can add or edit users, groups, roles, and the authentication provider. This role has most of the account-level permissions and is sometimes known as the account administrator. See Account Permissions.
    • Administrator: Can view and modify components that change state, such as applications, business transactions, dashboards, and so on. Can create War Rooms, view business flows, view and configure scheduled reports. This role can not add or edit users, groups, or roles.
    • Analytics Administrator: Can view and grant access to Analytics features, such as creating API keys, creating metrics, creating extracted fields, and granting access for viewing analytics data. The Analytics Administrator has the capability to control which roles have access to specific applications or log source types. Additionally, the Analytics Administrator is the only user who is in charge of saved searches. By creating different saved searches, the Analytics admin can provide different data access levels to analytics users. For more details, see Analytics and Data Security and Business iQ Analytics Permissions.
    • Dashboards Viewer: Can view custom dashboards. 
    • DB Monitoring User: Can view the Database Monitoring UI. Cannot add, edit or delete database collectors.
    • DB Monitoring Administrator: Can view the Database Monitoring UI and add, edit or delete database collectors.
    • Server Monitoring Administrator: Can view the Server Monitoring UI and configure Service Monitoring features including Service Availability Monitoring.
    • Server Monitoring User: Can view Server Monitoring UI. Can not configure Server Monitoring features.
    • Universal Agent Administrator: Can configure and view the Universal Agent.
    • Universal Agent User: Can view the Universal Agent.
    • Applications and Dashboards Viewer: Can view all applications and their dashboards but cannot edit any (formerly known as the Read-Only User).
    • Workflow Executor: Can execute workflows.
    To view the predefined roles
    1. While logged in to the Controller UI as an Administrator or Account Owner, go to  > Administration.
    2. Click the Roles tab to view the list of predefined roles.
      Roles Administration
    3. Click the Users and Groups with this Role tab to view users and groups assigned to a selected role.

      Users and Groups With This Role

    Creating Custom Roles

    Users with the Account Owner role or the Administer users, groups, roles ...permission can create new custom roles in the Controller UI. A common strategy for designing roles is to create a role with the minimum permissions allowable for all users, such as view permissions. Then you can create roles that use customizations of that minimum permission role to give additional, explicit permissions to a specific feature or business application. 

    You can clone predefined roles as a starting point for creating your own customized roles, but you should not assume the cloned roles have all of the permissions of the predefined role. In some cases, there may be hidden permissions, so you should add or remove permissions as needed for your customized role to ensure that you get the RBAC result you need.

    To create or edit a custom role
      1. While logged in to the Controller UI as an Account Owner, or other role with the Administer users, groups, roles ...permission, go to  > Administration.
      2. Click the Roles tab to view the list of predefined roles.
        From the tab, you can create new roles and modify or delete custom roles.
      3. Click + Create to create a custom role.

        Create a Role
      4. Configure permissions by clicking the tabs.
        1. Account
        2. Applications 
        3. Databases
        4. Analytics 
        5. Dashboards
        6. Users and Groups with this Role
    • No labels