What's new from Grafana Labsbreadcrumb arrow Kubernetes Monitoring reader role
What's new from Grafana Labs
What's new from Grafana Labs
Grafana Cloud Generally Available Authentication and authorization Kubernetes Monitoring Breaking change
Release date: 2025-11-14

Kubernetes Monitoring reader role

Many customers give users no basic role as their default starting point. However, until now, there wasn’t a way to selectively grant access to Kubernetes Monitoring. That meant teams who needed Kubernetes capabilities often couldn’t use it without getting far broader permissions than intended.

The new Kubernetes reader role fixes that. You can grant Kubernetes-specific access to viewers, editors, or anyone without a basic role. Your teams can start using Kubernetes Monitoring while keeping the rest of your environment locked down.

Note: If you previously granted users the None basic role plus plugins.app:access, those users will now lose access to Kubernetes. To restore it, add the new Kubernetes reader role to their custom role.

Precision access with RBAC custom plugin roles
Related What's new posts
docs icon 2025-11-14
Update Cloud Policy Token Expiration Dates
docs icon 2025-10-31
Grafana Assistant available in Kubernetes Monitoring
docs icon 2025-10-28
Increased capacity for Team LBAC rules