Resources Role Permissions
Last updated on 14 August, 2024You can establish the level of resource permissions that users assigned this role can have. You can assign view, acknowledge, SDT, and threshold permissions to all devices or services found within a resource group. In addition, manage and remote session permissions are available for device groups and subgroups.
Resource permissions can only be assigned at the group level. You cannot assign view or manage permissions to individual resources within a group. If not explicitly assigned, subgroups inherit permissions specified for a parent group.
Note: You cannot directly assign manage permissions to dynamic groups (or services which are a type of dynamic group) as the resources that make up these groups are change often. Only administrators and those with admin-level manage permissions to resources (the All option is selected at the top of the table of resources) have the ability to manage dynamic groups. For more information on dynamic groups, see Device Groups Overview.
The following permissions are available for Resources:
- View—Provides the ability to view all resources within a selected group. View permissions are required to view resource data from dashboard widgets, reports, and the Alerts page. You must enable view permissions for at least one resource group for the Resources page to be displayed for this role.
- Acknowledge—Provides the ability to acknowledge alerts for the resources in the selected group.
- SDT—Provides the ability to schedule downtime for the resources in the selected group.
- Threshold—Allows a user to set or update datapoint thresholds at the resource group, resource, or instance level.
- Manage—Manage permissions incorporate view, acknowledge, SDT, and threshold permissions. In addition, this permission level provides the ability to:
- Edit and delete resources within the selected group.
- Create new subgroups for the group.
- Add new resources to the selected group.
Note: When adding new resources, you must assign the resource to a Collect or Collector group. You must also have view permissions to the relevant Collectors. For more information, see Settings Permissions.
- Remote session—Applies to device groups only, allowing users to remotely access and operate the devices within a selected group from within the LogicMonitor platform. When this functionality is assigned, it is initiated from the Resources page. For more information, see Remote Session.
Service Group Permissions
Service Group permissions are managed within the subset of Resources. LM Services can be created within existing Service Groups if provided during instrumentation, or will be automatically created at ingestion (for Service Namespaces).
The existing functionality within Resources is also supported for Service groups.
Manage Resource Dashboards
You can allow a user assigned this role to manage the resource dashboards (for example, the graphs tab) for each resource in which the user is assigned permissions.
Config Tab Only Visible with Manage Permissions
You can allow users assigned this role to view the Configs tab that displays for ConfigSources. The user must have the Manage permission for that resource.
Configuring Resources Permissions
- At the Permissions step of the Add Role wizard, select the Resources tab.
- To allow a user assigned this role to manage the resource dashboards, select Allowed to manage Resource Dashboards.
- To allow a user assigned this role to view the Map tabs of a resource, select Allowed to view Maps Tabs.
- To allow a user assigned this role to view the Configs tab for ConfigSources, select Configs tab only visible with Manage Permissions.
- From the Resources table, enable the permissions for the applicable Resources.
You can enable View, Acknowledge, SDT, Threshold, Manage, or Remote Session for all resources by selecting the applicable permission for All Resources.
Note: Enabling all permissions for a resource sets the level of permissions for all existing resource groups and all future resources groups.
- Select Next: Finish.