Dynatrace product experts can assist you remotely with Dynatrace Managed cluster upgrades and troubleshooting when you run into problems. The prerequisite is that Dynatrace product experts need to have permission to remotely access your Dynatrace Managed cluster. You can configure remote access permissions for your Dynatrace Managed cluster to authorize Dynatrace product experts to provide you with updates and pro-active support.
You must have cluster administrator privileges to access Cluster Management Console.
To configure the level of permissions within your cluster, in the Cluster Management Console, go to Settings > Remote access permissions.
On this page, you can allow Dynatrace product experts remote access to your cluster. If this setting is enabled and events are detected, Dynatrace product experts can remotely adjust your cluster settings to ensure optimum performance and stability.
All communication with Mission Control is secure and performed via HTTPS with browser-like certificate checks. All Dynatrace Managed configuration changes are fully audit-logged and each remote access is logged as a separate event (go to Events to view the list of recorded events). The Mission Control team can't access certificates or user credentials. They also can't gain root access to any servers.
Once Dynatrace remote access is enabled, you can set remote access permissions for Dynatrace product experts with one of the following scopes.
All
The entire Dynatrace product expert team can access your cluster to provide you with the full power of pro-active support and optimize your cluster settings.
Read-only access to all
The entire Dynatrace product expert team can access your cluster but they can't edit any cluster settings. This option significantly limits the level of pro-active support. With this option, only the Viewer role is available for a remote-access user. Dynatrace product experts will contact you to make required changes if necessary.
Approved
Only approved Dynatrace product experts can access your cluster. Your cluster administrators receive an email notifications about pending remote access requests. The cluster administrator needs to approve each request to grant permissions. You can adjust the duration and role you grant. You can also grant permissions to known Dynatrace product experts up front.
This scope gives you maximum control over who can access your cluster, but it significantly impacts the Dynatrace product expert team's ability to provide you with pro-active support.
You can assign the Admin, User, or Viewer role for a remote-access user. Refer to the following table for details on the permissions each role is assigned.
You can also use the Remote Access REST API to adjust settings and remote-access permissions. For details, see Dynatrace Cluster API.