Menu
Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.
Documentation
Grafana documentation
Grafana Enterprise
Fine-grained access control
Fine-grained access control references
Grafana documentation
Grafana Enterprise
Fine-grained access control
Fine-grained access control referencesEnterprise
Open source
Fine-grained access control references
The reference information that follows complements conceptual information about Roles.
Fine-grained access fixed roles
| Fixed roles | Permissions | Descriptions |
|---|---|---|
fixed:permissions:admin:read | roles:readroles:listroles.builtin:list | Allows to list and get available roles and built-in role assignments. |
fixed:permissions:admin:edit | All permissions from fixed:permissions:admin:read androles:writeroles:deleteroles.builtin:addroles.builtin:remove | Allows every read action and in addition allows to create, change and delete custom roles and create or remove built-in role assignments. |
fixed:reporting:admin:read | reports:readreports:sendreports.settings:read | Allows to read reports and report settings. |
fixed:reporting:admin:edit | All permissions from fixed:reporting:admin:read andreports.admin:writereports:deletereports.settings:write | Allows every read action for reports and in addition allows to administer reports. |
fixed:users:admin:read | users.authtoken:listusers.quotas:listusers:readusers.teams:read | Allows to list and get users and related information. |
fixed:users:admin:edit | All permissions from fixed:users:admin:read andusers.password:updateusers:writeusers:createusers:deleteusers:enableusers:disableusers.permissions:updateusers:logoutusers.authtoken:updateusers.quotas:update | Allows every read action for users and in addition allows to administer users. |
fixed:users:org:read | org.users:read | Allows to get user organizations. |
fixed:users:org:edit | All permissions from fixed:users:org:read andorg.users:addorg.users:removeorg.users.role:update | Allows every read action for user organizations and in addition allows to administer user organizations. |
fixed:ldap:admin:read | ldap.user:readldap.status:read | Allows to read LDAP information and status. |
fixed:ldap:admin:edit | All permissions from fixed:ldap:admin:read andldap.user:syncldap.config:reload | Allows every read action for LDAP and in addition allows to administer LDAP. |
fixed:server:admin:read | server.stats:read | Read server stats |
fixed:settings:admin:read | settings:read | Read settings |
fixed:settings:admin:edit | All permissions from fixed:settings:admin:read andsettings:write | Update settings |
fixed:datasource:editor:read | datasources:explore | Explore datasources |
Default built-in role assignments
| Built-in roles | Associated roles | Descriptions |
|---|---|---|
| Grafana Admin | fixed:permissions:admin:editfixed:permissions:admin:readfixed:reporting:admin:editfixed:reporting:admin:readfixed:users:admin:editfixed:users:admin:readfixed:users:org:editfixed:users:org:readfixed:ldap:admin:editfixed:ldap:admin:readfixed:server:admin:readfixed:settings:admin:readfixed:settings:admin:edit | Allows access to resources which Grafana Server Admin has permissions by default. |
| Admin | fixed:users:org:editfixed:users:org:readfixed:reporting:admin:editfixed:reporting:admin:read | Allows access to resource which Admin has permissions by default. |
| Editor | fixed:datasource:editor:read |
Was this page helpful?
Related resources from Grafana Labs
6 Nov
Getting started with managing your metrics, logs, and traces using Grafana
In this webinar, we’ll demo how to get started using the LGTM Stack: Loki for logs, Grafana for visualization, Tempo for traces, and Mimir for metrics.
60 min
Getting started with Grafana dashboard design
In this webinar, you'll learn how to design stylish and easily accessible Grafana dashboards that tell a story.
60 min
Building advanced Grafana dashboards
In this webinar, we’ll demo how to build and format Grafana dashboards.