IAM services reference

All supported values for each IAM service, permission, and condition are listed below. Use them to define access policies based on a fine-grained set of permissions and conditions that can be enforced per service.

New

This feature is currently in Preview release.

appgateway

AppGateway

appgateway:apps:write

Enables installing and uninstalling apps

appgateway:apps:read

Enables listing all apps and reading the app bundles

appgateway:apps:execute

Enables retrieving static resources and calling functions of apps

dynatrace.settings

Settings service

dynatrace.settings:objects:read

Enables reading of settings objects belonging to the schema

Conditions:

  • schemaId — Schema identifier
    • operators: IN, =, !=

dynatrace.settings:objects:write

Enables writing of settings objects belonging to the schema

Conditions:

  • schemaId — Schema identifier
    • operators: IN, =, !=

dynatrace.settings:schemas:read

Enables reading settings schemas

Conditions:

  • schemaId — Schema identifier
    • operators: IN, =, !=