Forum Stats

  • 3,734,235 Users
  • 2,246,914 Discussions
  • 7,857,193 Comments

Discussions

Would like to know Min privs/rols should be granted to user to work and manage Grafana .

User_MACVS
User_MACVS Member Posts: 4 Red Ribbon

Internally we are configuring Oracle Enterprise Manager App for Grafana with OEM 13.3/4.

Currently we have used Super admin to perform eh configurations,as i see document below not to use SYSMAN/Super admins for the same.

So we would like to know Min privs/rols should be granted to user to work and manage Grafana .

https://docs.oracle.com/en/enterprise-manager/cloud-control/enterprise-manager-cloud-control/13.4/emgrf/add-enterprise-manager-data-source.html

Answers

  • User_MACVS
    User_MACVS Member Posts: 4 Red Ribbon

    can someone help me with my queries please

  • raphi
    raphi Member Posts: 9 Blue Ribbon

    I am trying to figure this out myself but so far without luck. In the "tell us about your experience with grafana" thread they say that the user needs the View any target privilege. I configured a user as such but it is not working. I then tried to assign the View privilege on a dynamic group, which also does not work:

    The user can connect to OEM (with EM User/Public roles) but when I try to access a database instance's homepage via "Targets->Database" it says "User does not have privilege on target".

    The group "Grafana Targets" has privilege propagation on but it says in the groups setting page, that this does only work when you have full access to a target, which the Grafana user does not have.

    The only way I found to make it work is to assign the view privilege to a specific database instance but this is not feasable for us. We have hundreds of databases in OEM which come and go on a daily basis and I do not want to manually manage the View privilege for each instance.

    Can someone please tell us how to configure the user in a way that it can access all targets future and present without any further intervention needed when a new target is added?

  • raphi
    raphi Member Posts: 9 Blue Ribbon

    Okay it's a bit misleading but the user onlys needs the "View any target" privilege without any specific target privileges. He won't be able to access any target's homepage inside OEM but it works for Grafana.

Sign In or Register to comment.