Dynatrace Monaco CLI version 2.24.0+
This guide shows you how to create a platform token for use with Dynatrace Configuration as Code via Monaco.
A platform token for the Dynatrace Monaco CLI typically needs the scopes outlined in the table that follows.
Purpose | Scopes |
---|---|
Access platform metadata like Classic URLs and version information | app-engine:apps:run |
Manage Settings 2.0 objects and its all-users permission | settings:objects:read , settings:objects:write |
View Settings 2.0 schemas | settings:schemas:read |
Manage automation workflows | automation:workflows:read , automation:workflows:write , automation:calendars:read , automation:calendars:write , automation:rules:read , automation:rules:write |
Access all Automation Workflows1 | automation:workflows:admin |
Manage Grail buckets | storage:bucket-definitions:read , storage:bucket-definitions:write , storage:bucket-definitions:delete |
Manage documents | document:documents:read , document:documents:write , document:documents:delete , document:trash.documents:delete |
Manage segments | storage:filter-segments:read , storage:filter-segments:write , storage:filter-segments:delete , storage:filter-segments:admin |
Manage Service-Level Objectives (SLOs) | slo:slos:read , slo:slos:write |
To use the automation:workflows:admin
scope, you need to create a custom policy granting that scope, bind a group to it, and assign your user to that group in Account Management before creating the OAuth client. For detailed information on managing policies, see Manage IAM policies.