Menu
Important: This documentation is about an older version. It's relevant only to the release noted, many of the features and functions have been updated or replaced. Please view the current version.
Grafana documentation
Administration
Roles and permissions
Role-based access control (RBAC)
Configure RBAC
Enterprise
Open source
Configure RBAC in Grafana
Note: Available in Grafana Enterprise and Grafana Cloud Advanced.
The table below describes all RBAC configuration options. Like any other Grafana configuration, you can apply these options as environment variables.
Setting | Required | Description | Default |
---|---|---|---|
permission_cache | No | Enable to use in memory cache for loading and evaluating users’ permissions. | true |
permission_validation_enabled | No | Grafana enforces validation for permissions when a user creates or updates a role. The system checks the internal list of scopes and actions for each permission to determine they are valid. By default, if a scope or action is not recognized, Grafana logs a warning message. When set to true , Grafana returns an error. | false |
Example RBAC configuration
bash
[rbac]
permission_cache = true
Was this page helpful?
Related resources from Grafana Labs
Additional helpful documentation, links, and articles:

Getting started with the Grafana LGTM Stack
In this webinar, we’ll demo how to get started using the LGTM Stack: Loki for logs, Grafana for visualization, Tempo for traces, and Mimir for metrics.

Getting started with Grafana dashboard design (EMEA Timezone)
In this webinar, you'll learn how to design stylish and easily accessible Grafana dashboards that tell a story.

Unify your data with Grafana plugins: Datadog, Splunk, MongoDB, and more
In this webinar, learn how to leverage Grafana's plugin ecosystem for access to 80+ data sources, including plugins for Datadog, Splunk, MongoDB, and more.