Menu
Grafana Cloud
← Back to What's newAvailable in public previewData sourcesLogsAuthentication and authorization
Release date: 2024-04-01
Team LBAC
It is hard for teams to collaborate on dashboards because they have to use different datasources. Grafana instances become cluttered and confusing with 100s of datasources.
Team LBAC (Label Based Access Control) is our first step towards seamless management of Grafana Teams access for Loki logs. Each team views the same data source filtered by their team’s label permissions.
Feature highlights
- Teams can view queries to the same data source with different LBAC rules applied
- Configurable via API and the UI
- Simplified LBAC notation is automatically converted in correct custom headers
Best practices
- We recommend you only add query permissions for teams that will have LBAC rules, and remove default
ViewerandEditorquery permissions. - As an initial setup, we recommend defining as few rules as possible for each team, making sure that they are additive rather than negating one another.
- For validating rules, we recommend testing each rule in Loki Explore view. This allows you to see the logs that would be returned for the specific rule.
Was this page helpful?
Related resources from Grafana Labs
60 min
Getting started with managing your metrics, logs, and traces using Grafana
In this webinar, we’ll demo how to get started using the LGTM Stack: Loki for logs, Grafana for visualization, Tempo for traces, and Mimir for metrics.
60 min
Intro to Kubernetes monitoring in Grafana Cloud
In this webinar you’ll learn how Grafana offers developers and SREs a simple and quick-to-value solution for monitoring their Kubernetes infrastructure.
60 min
Building advanced Grafana dashboards
In this webinar, we’ll demo how to build and format Grafana dashboards.