Skip to main content
Version: Next

Dashboard Access Control

This tutorial shows how to leverage Grafana's role-based access control (RBAC) to manage what dashboards a user has access to. If you're setting up a single DevLake instance to be shared by multiple teams in your organization, this tutorial can help you achieve data segregation between teams.

Example solution: one folder for each team

One of the simplest solutions is to create one Grafana folder for each team and assign permissions to teams at the folder level. Below is a step-by-step walk through.

  1. Sign in as Grafana admin and create a new folder


  1. Click "Permissions" tab and remove the default access of "Editor (Role)" and "Viewer (Role)"


After removing default permissions:


  1. Add "View" permission to the target team (you'll need to create this team in Grafana first)


  1. Copy/move dashboards into this folder (you may need to edit the dashboard so that it only shows data belongs to this team)


  1. Manage dashboard permissions by Grafana