The Settings 2.0 framework provides a unified instrument to control various configurations in Dynatrace. Whether you use the Dynatrace web UI or the Settings API, you're setting the same configurations with the same effect.
Each Settings 2.0 configuration is represented by a settings object (which defines a particular set of parameters) and is based on a settings schema (which defines which parameters the configuration includes). Schemas are created and managed by Dynatrace; you cannot create your own schemas. Objects, on the other hand, are entirely within your control.
Scope and hierarchy of settings
Many settings can be set for different scopes (for an entire monitoring environment or a specific entity). The default scope is global (the entire monitoring environment).
Configurations that are available via the Settings entry of the Dynatrace menu affect the entire environment. You can check for existing entity-level overrides of the environment-level setting. Select More (…) > Hierarchy and overrides. From here, you can easily navigate to entity-level configurations, which in turn provide information on the parent setting.
The most specific setting always takes precedence. For example, a configuration on the host level overrides a configuration on the host-group level, and in turn, a host-group level configuration overrides an environment-level configuration.
If a setting is available at multiple levels, manage it on the highest possible level. High-level settings scale automatically to every child entity; you don't have to apply them manually.
For some settings, the order of the items is essential. For example, naming rules are evaluated in a particular order, and the first matching rule applies.
Ordered settings can be defined on the global and entity level. However, hierarchy works slightly differently here—entity-level settings don't override global settings, they extend them. The list of entity-level settings is prepended on top of the global list; therefore, entity-level rules are evaluated first. If none of the entity-level rules apply, the evaluation continues with global rules.
You can easily re-order ordered items by dragging and dropping them to the required position.
Every Settings 2.0 configuration maintains a history of changes, keeping track of changes to the configuration and who made these changes. To access history, select More (…) > Revision history.
Permissions and access
Access to settings is controlled via IAM policies. Policies enable you to create flexible and granular access to configurations, where users have access only to those settings where they have permissions assigned. No additional permissions are needed for policies to take effect. Policies grant access to configurations via both the Dynatrace web UI and the Settings API unless configured otherwise on the schema level.
If you need to configure fine-grained access to certain entities, you can do so via management zones or host groups. Note that an entity might be a part of multiple management zones but only one host group, which makes the host-group-based approach more direct, while the management-zone-based approach provides more flexibility.
To learn how to configure access policies for settings, see IAM service reference. Below you can find some sample policies.
1ALLOW settings:objects:read, settings:objects:write, settings:schemas:read2WHERE settings:schemaId = "builtin:monitoring.slo";
1ALLOW settings:objects:read, settings:objects:write, settings:schemas:read2WHERE settings:schemaGroup = " group:cloud-automation";
1ALLOW settings:objects:read, settings:schemas:read2WHERE settings:schemaId = "builtin:management-zones";
1ALLOW settings:schemas:read;2ALLOW settings:objects:read, settings:objects:write3WHERE settings:entity.hostGroup = "easyTravel";
This policy also affects global settings that apply to the easyTravel management zone.
1ALLOW settings:schemas:read;2ALLOW settings:objects:read, settings:objects:write3WHERE environment:management-zone = "easyTravel";
1ALLOW settings:schemas:read;2ALLOW settings:objects:read, settings:objects:write3WHERE settings:schemaId = "builtin:anomaly-detection.infrastructure-hosts” AND environment:management-zone = "easyTravel";