Configuration types and access permissions

Dynatrace Configuration as Code via Monaco (the Dynatrace Monaco CLI) supports the following configuration types:

For details on how to define configuration types, see Configuration.

Settings 2.0

This type of configuration is available on the latest Dynatrace Platform and previous Dynatrace environments.

Settings 2.0 requires an API access token or OAuth credentials.

The Dynatrace Monaco CLI provides general support for any Settings 2.0 schema available in your environment.

For details on Settings 2.0 schemas, see Settings 2.0 - Available schemas.
To configure Settings 2.0 settings, your access token requires the following permissions:
- Read settings (settings.read)
- Write settings (settings.write)
Dynatrace Platform App settings require OAuth credentials. See our OAuth client guide for configuring them.

For Settings 2.0, the required permissions are:
- View settings objects for schema (settings:objects:read)
- Create settings objects for schema (settings:objects:write)
- View settings schemas (settings:schemas:read)

App settings may require more permissions than those listed above. Consult the App's documentation for details.

Supported configuration API types

This type of configuration is available for the latest Dynatrace Platform and previous Dynatrace environments.

Note that most configuration APIs are deprecated in favor of Settings 2.0.

Configuration requires an API access token.

The Dynatrace Monaco CLI provides support for most Configuration APIs.

The supported configuration types, their API endpoints, and the access token permissions required for interacting with any endpoint are listed below.
If there's a link in the Configuration type column, be sure to follow it for important additional information about that configuration type.

Configuration type

Endpoint

Access token permissions

alerting-profile
Non-Unique Name Configuration

Alerting profiles API - POST a profile
/api/config/v1/alertingProfiles

Read Configuration and Write Configuration

allowed-beacon-origins
Single Configuration Endpoint

Allowed beacon domains API - PUT configuration
/api/config/v1/allowedBeaconOriginsForCors

Read Configuration and Write Configuration

anomaly-detection-applications
Single Configuration Endpoint

Application anomaly detection API - PUT configuration
/api/config/v1/anomalyDetection/applications

Read Configuration and Write Configuration

anomaly-detection-aws
Single Configuration Endpoint

AWS anomaly detection API - PUT configuration
/api/config/v1/anomalyDetection/aws

Read Configuration and Write Configuration

anomaly-detection-database-services
Single Configuration Endpoint

Database anomaly detection API - PUT configuration
/api/config/v1/anomalyDetection/databaseServices

Read Configuration and Write Configuration

anomaly-detection-disks

Disk events anomaly detection API - POST an event
/api/config/v1/anomalyDetection/diskEvents

Read Configuration and Write Configuration

anomaly-detection-hosts
Single Configuration Endpoint

Host anomaly detection API - PUT configuration
/api/config/v1/anomalyDetection/hosts

Read Configuration and Write Configuration

anomaly-detection-metrics
Non-Unique Name Configuration

Metric events anomaly detection API - POST an event
/api/config/v1/anomalyDetection/metricEvents

Read Configuration and Write Configuration

anomaly-detection-services
Single Configuration Endpoint

Services anomaly detection API - PUT configuration
/api/config/v1/anomalyDetection/services

Read Configuration and Write Configuration

anomaly-detection-vmware
Single Configuration Endpoint

VMware anomaly detection API - PUT configuration
/api/config/v1/anomalyDetection/applications

Read Configuration and Write Configuration

app-detection-rule
Non-Unique Name Configuration

Applications detection rules API - POST a rule
/api/config/v1/applicationDetectionRules

Read Configuration and Write Configuration

app-detection-rule-host
Single Configuration Endpoint

Applications detection rules API - PUT host detection headers
/api/config/v1/applicationDetectionRules/hostDetection

Read Configuration and Write Configuration

application-web
Non-Unique Name Configuration

Web application configuration API - POST a web application
/api/config/v1/applications/web

Read Configuration and Write Configuration

application-mobile

Mobile and custom app API - POST an app
/api/config/v1/applications/mobile

Read Configuration and Write Configuration

auto-tag

Automatically applied tags API - POST an auto-tag
/api/config/v1/autoTags

Read Configuration and Write Configuration

aws-credentials
Cannot be downloaded

AWS credentials API - POST new credentials
/api/config/v1/aws/credentials

Read Configuration and Write Configuration

azure-credentials
Cannot be downloaded

Azure credentials API - POST new credentials
/api/config/v1/azure/credentials

Read Configuration and Write Configuration

calculated-metrics-application-mobile
Special Name requirements

Mobile app metrics API - POST a metric
/api/config/v1/calculatedMetrics/mobile

Read Configuration and Write Configuration

calculated-metrics-application-web
Special Name requirements

Mobile app metrics API - POST a metric
/api/config/v1/calculatedMetrics/rum

Read Configuration and Write Configuration

calculated-metrics-log
Special Name requirements

Log Monitoring metrics API - PUT a metric
/api/config/v1/calculatedMetrics/log

Read Configuration and Write Configuration

calculated-metrics-service
Special Name requirements

Service metrics API - POST a metric
/api/config/v1/calculatedMetrics/service

Read Configuration and Write Configuration

calculated-metrics-synthetic
Special Name requirements

Synthetic metrics API - POST a metric
/api/config/v1/calculatedMetrics/synthetic

Read Configuration and Write Configuration

conditional-naming-host

Conditional naming API - POST a new naming rule
/api/config/v1/conditionalNaming/host

Read Configuration and Write Configuration

conditional-naming-processgroup

Conditional naming API - POST a new naming rule
/api/config/v1/conditionalNaming/processGroup

Read Configuration and Write Configuration

conditional-naming-service

Conditional naming API - POST a new naming rule
/api/config/v1/conditionalNaming/service

Read Configuration and Write Configuration

content-resources
Single Configuration Endpoint

Content resources API - PUT configuration
/api/config/v1/contentResources

Read Configuration and Write Configuration

credential-vault
Cannot be downloaded

Credential vault API - POST a set of credentials
/api/config/v1/credentials

Read credential vault entries and Write credential vault entries

custom-service-java

Custom services API - POST a custom service rule
/api/config/v1/service/customServices/java

Read Configuration and Write Configuration

custom-service-dotnet

Custom services API - POST a custom service rule
/api/config/v1/service/customServices/dotnet

Read Configuration and Write Configuration

custom-service-go

Custom services API - POST a custom service rule
/api/config/v1/service/customServices/go

Read Configuration and Write Configuration

custom-service-nodejs

Custom services API - POST a custom service rule
/api/config/v1/service/customServices/nodejs

Read Configuration and Write Configuration

custom-service-php

Custom services API - POST a custom service rule
/api/config/v1/service/customServices/php

Read Configuration and Write Configuration

dashboard
Non-Unique Name Configuration

Dashboards API - POST a dashboard
/api/config/v1/dashboards

Read Configuration and Write Configuration

dashboard-share-settings
Single Configuration Endpoint
**Scoped Configuration*

Dashboards API - GET sharing configuration
/api/config/v1/dashboards/{SCOPE}/shareSettings

Read Configuration and Write Configuration

data-privacy
Single Configuration Endpoint

Data privacy API - PUT configuration
/api/config/v1/dataPrivacy

Read Configuration, DataPrivacy

extension
Cannot be downloaded

Extensions API - POST an extension .zip file
/api/config/v1/extensions

Read Configuration and Write Configuration

extension-elasticsearch
Single Configuration Endpoint

Extensions API - POST an extension .zip file
/api/config/v1/extensions/dynatrace.python.elasticsearch/global

Read Configuration and Write Configuration

failure-detection-parametersets

Failure detection API - POST a parameter set
/api/config/v1/service/failureDetection/parameterSelection/parameterSets

Read Configuration and Write Configuration

failure-detection-rules

Failure detection API - POST a detection rule
/api/config/v1/service/failureDetection/parameterSelection/rules

Read Configuration and Write Configuration

frequent-issue-detection
Single Configuration Endpoint

Frequent issue detection API - PUT configuration
/api/config/v1/frequentIssueDetection

Read Configuration and Write Configuration

geo-ip-address-mappings
Single Configuration Endpoint

IP address mapping rules - PUT configuration
/api/config/v1/geographicRegions/ipAddressMappings

Read Configuration and Write Configuration

geo-ip-detection-headers
Single Configuration Endpoint

IP mapping header rules - PUT configuration
/api/config/v1/geographicRegions/ipDetectionHeaders

Read Configuration and Write Configuration

hosts-auto-update
Single Configuration Endpoint

OneAgent environment-wide configuration API - PUT auto-update configuration
/api/config/v1/hosts/autoupdate

Read Configuration and Write Configuration

key-user-actions-mobile
Scoped Configuration

Mobile and custom app API - GET key user actions
/api/config/v1/applications/mobile/{APPLICATION_ID}/keyUserActions

Read Configuration and Write Configuration

key-user-actions-web
Scoped Configuration

Web application configuration API - GET key user actions
/api/config/v1/applications/web/{APPLICATION_ID}/keyUserActions

Read Configuration and Write Configuration

kubernetes-credentials
Cannot be downloaded

Kubernetes credentials API - POST new credentials
/api/config/v1/kubernetes/credentials

Read Configuration and Write Configuration

maintenance-window

Maintenance windows API - POST a maintenance window
/api/config/v1/maintenanceWindows

Read Configuration and Write Configuration

management-zone

Management zones API - POST a management zone
/api/config/v1/managementZones

Read Configuration and Write Configuration

network-zone
Dynatrace Monaco CLI version 2.10.0+

Network zones API
/api/v2/networkZones

Read network zones and Write network zones

notification

Notifications API - POST a notification configuration
/api/config/v1/notifications

Read Configuration and Write Configuration

reports

Reports API - POST a report
/api/config/v1/reports

Read Configuration and Write Configuration

request-attributes

Request attributes API - POST a request attribute
/api/config/v1/service/requestAttributes

Read Configuration and Capture request data

request-naming-service
Non-Unique Name Configuration

Request naming API - POST a new request naming rule
/api/config/v1/service/requestNaming

Read Configuration and Write Configuration

slo

Service-level objectives API - POST an SLO
/api/v2/slo

Read SLO and Write SLO

service-detection-full-web-request

Service detection API - POST a full web request rule
/api/config/v1/service/detectionRules/FULL_WEB_REQUEST

Read Configuration and Write Configuration

service-detection-full-web-service

Service detection API - POST a full web service rule
/api/config/v1/service/detectionRules/FULL_WEB_SERVICE

Read Configuration and Write Configuration

service-detection-opaque-web-request

Service detection API - POST an opaque web request rule
/api/config/v1/service/detectionRules/OPAQUE_AND_EXTERNAL_WEB_REQUEST

Read Configuration and Write Configuration

service-detection-opaque-web-service

Service detection API - POST an opaque web service rule
/api/config/v1/service/detectionRules/OPAQUE_AND_EXTERNAL_WEB_SERVICE

Read Configuration and Write Configuration

service-resource-naming
Single Configuration Endpoint

Services configuration API
/api/config/v1/service/resourceNaming

Read Configuration and Write Configuration

synthetic-location

Synthetic locations API - POST a location
/api/v1/synthetic/locations

Access problem and event feed, metrics, and topology and Create and read synthetic monitors, locations, and nodes

synthetic-monitor

Synthetic monitors API - POST a monitor
/api/v1/synthetic/monitors

Create and read synthetic monitors, locations, and nodes

user-action-and-session-properties-mobile
Scoped Configuration

Mobile and custom app API - GET all user session properties
"/api/config/v1/applications/mobile/{APPLICATION_ID}/userActionAndSessionProperties"

Read Configuration and Write Configuration

For more information about each token permission, see Dynatrace API - Tokens and authentication.

Supported platform API types

The Dynatrace Monaco CLI provides support for the following Dynatrace platform API types.

To target platform APIs, you need to provide OAuth credentials.

Configuration type

Endpoint

OAuth client permissions

Dyntrace Monaco CLI version

business-calendars

/platform/automation/v1/business-calendars

automation:calendars:read, automation:calendars:write

2.6.0+

scheduling-rules

/platform/automation/v1/scheduling-rules

automation:rules:read, automation:rules:write

2.6.0+

workflows

/platform/automation/v1/workflows

automation:workflows:read, automation:workflows:write

2.6.0+

buckets

/platform/storage/management/v1/bucket-definitions

storage:bucket-definitions:read, storage:bucket-definitions:write, storage:bucket-definitions:delete

2.9.0+

documents

/platform/document/v1/documents

document:documents:write, document:documents:read, document:documents:delete, document:trash.documents:delete

2.15.0+

openpipelines

/platform/openpipeline/v1/configurations

openpipeline:configurations:read, openpipeline:configurations:write

2.15.0+

Account management permissions

To manage account resources, you need to provide OAuth credentials with the following permissions:

account-idm-read
account-idm-write
account-env-read
account-env-write
iam-policies-management
iam:policies:write
iam:policies:read
iam:bindings:write
iam:bindings:read