Dashboard Access Control
This tutorial shows how to leverage Grafana's role-based access control (RBAC) to manage what dashboards a user has access to. If you're setting up a single DevLake instance to be shared by multiple teams in your organization, this tutorial can help you achieve data segregation between teams.
Example solution: one folder for each team
One of the simplest solutions is to create one Grafana folder for each team and assign permissions to teams at the folder level. Below is a step-by-step walk through.
- Sign in as Grafana admin and create a new folder
- Click "Permissions" tab and remove the default access of "Editor (Role)" and "Viewer (Role)"
After removing default permissions:
- Add "View" permission to the target team (you'll need to create this team in Grafana first)
- Copy/move dashboards into this folder (you may need to edit the dashboard so that it only shows data belongs to this team)