Working with policies

Use Dynatrace identity and access management (IAM) to manage user access to Dynatrace features.

With the IAM framework, you can define policies that clearly specify whether an action in Dynatrace is allowed. When policies are bound to user groups, they describe an access pattern for the group that is enforced at runtime. This gives you much more fine-grained control over how your users interact with Dynatrace.

Basic

Manage IAM policies

List, create, delete, and copy policies using the Account Management.

Manage group permissions

Bind policies to user groups.

Create your policies

Learn the policy statement syntax and see the example custom policies.

Policy boundaries

Restrict security policies with policy boundaries for your data-tailored access.

Advanced

Global conditions

You can apply global conditions to any policy statement because they are not service-specific.

Global attributes

Apply attributes to certain global conditions, usable in the policy syntax without extra configuration.

Policy templating

Create reusable policies with parameterized values.

Migrate role-based permissions

Dynatrace security policies now support the classic role-based permissions, learn how to migrate them.

Reference

IAM permissions reference

A complete list of all supported IAM permissions across all Dynatrace services.

Policy management API

Manage the policies at scale using the policy management API.