Dynatrace Configuration as Code via Monaco (the Dynatrace Monaco CLI) supports the following configuration types:
For details on how to define configuration types, see Configuration.
This type of configuration is available on the latest Dynatrace platform and previous Dynatrace environments.
Settings 2.0 requires an access token, OAuth credentials or platform token.
The Dynatrace Monaco CLI provides general support for any Settings 2.0 schema available in your environment.
For details on Settings 2.0 schemas, see Settings 2.0 - Available schemas.
To configure Settings 2.0 settings, your access token requires the following permissions:
settings.read
)settings.write
)Dynatrace platform app settings require OAuth credentials or a platform token. For configuration details, see Create an OAuth client for the Dynatrace Monaco CLI or Create a platform token for the Dynatrace Monaco CLI.
For Settings 2.0, the required permissions are:
settings:objects:read
)settings:objects:write
)settings:schemas:read
)App settings may require more permissions than those listed above. Consult the App's documentation for details.
This type of configuration is only available on the latest Dynatrace platform environment and on schemas that support owner based access control.
Settings 2.0 permissions require OAuth credentials or a platform token. Access tokens can't be used.
The Dynatrace Monaco CLI only provides support for updating the all-users
permissions.
For Settings 2.0 permissions, the required permissions are:
settings:objects:read
)settings:objects:write
)settings:schemas:read
)This type of configuration is available for the latest Dynatrace platform and previous Dynatrace environments.
Note that most configuration APIs are deprecated in favor of Settings 2.0.
Configuration requires an access token.
The Dynatrace Monaco CLI provides support for most Configuration APIs.
The supported configuration types, their API endpoints, and the access token permissions required for interacting with any endpoint are listed below.
If there's a link in the Configuration type column, be sure to follow it for important additional information about that configuration type.
/api/config/v1/applicationDetectionRules/hostDetection
/api/config/v1/extensions/dynatrace.python.elasticsearch/global
/api/config/v1/service/failureDetection/parameterSelection/parameterSets
/api/config/v1/service/failureDetection/parameterSelection/rules
/api/config/v1/hosts/autoupdate
/api/config/v1/applications/mobile/{APPLICATION_ID}/keyUserActions
/api/config/v1/applications/web/{APPLICATION_ID}/keyUserActions
/api/config/v1/service/detectionRules/FULL_WEB_REQUEST
/api/config/v1/service/detectionRules/FULL_WEB_SERVICE
/api/config/v1/service/detectionRules/OPAQUE_AND_EXTERNAL_WEB_REQUEST
/api/config/v1/service/detectionRules/OPAQUE_AND_EXTERNAL_WEB_SERVICE
"/api/config/v1/applications/mobile/{APPLICATION_ID}/userActionAndSessionProperties"
For more information about each access token permission, see Dynatrace API - Tokens and authentication.
The Dynatrace Monaco CLI provides support for the following Dynatrace platform API types.
To target platform APIs, you need to provide OAuth credentials or a platform token.
automation:calendars:read
, automation:calendars:write
automation:rules:read
, automation:rules:write
automation:workflows:read
, automation:workflows:write
storage:bucket-definitions:read
, storage:bucket-definitions:write
, storage:bucket-definitions:delete
document:documents:write
, document:documents:read
, document:documents:delete
, document:trash.documents:delete
openpipeline:configurations:read
, openpipeline:configurations:write
storage:filter-segments:read
, storage:filter-segments:write
, storage:filter-segments:delete
, storage:filter-segments:admin
slo:slos:read
, slo:slos:write
To manage account resources, you need to provide OAuth credentials with the following permissions:
account-idm-readaccount-idm-writeaccount-env-readaccount-env-writeiam-policies-managementiam:policies:writeiam:policies:readiam:bindings:writeiam:bindings:read