Can I access variable value as access control?(Limit users to access Variable values)

I have created a dashboard with a dropdown variable that lists my server names. For example, these servers belong to individual IT persons. I want to give access to users based on the server name (list). For instance, if I am the owner of Server A, I need to assign access to a specific variable value A so that the respective IT personnel can view only the dashboard for Server A.

Note: Based on the variable, this dashboard fetches node metrics from the respective servers.

It depends.

For example you can use LBAC to define datasources and then RBAC to define access to those datasources

Where is this IT person to server relationship saved

@yosiasz Based on the AD group or user, we need to select which AD groups or users should have access to specific servers

1 Like

@jangaraj Thank you for your response. Let me go through it and get back to you.

So how is an ad group or user associated with one or many server(s)

Where is that relationship saved at, within as or elsewhere

Nowhere as of now, but I am planning to use variable values so that if a variable value matches a specific user, I need to give access to a specific panel

For example, if the variable name “serviceName” has values A, B, C, and D, I need to assign user A to the variable name value A.
so that when A users login to grafana it A value will be selected in variable and give A value specific pannel

1 Like

here are some things you can take a look at and I think you referenced the below post in slack channel

@yosiasz Yes. I have come across this blog, But I need to use azure AD as sso

Use Grafana SAML SSO against Azure AD with team sync - users will have assigned Grafana teams based on user groups in AD. Each team will have own RBAC custom role with query permissions for LBAC based datasources.

@jangaraj Can I have some examples of documents?
I have only one data source

Are we talking about sso for authentication purposes or are we talking about associating servers with users?

I am talking about associating servers with users.
Ex: I am the owner of server A., I will log in to Grafana using Azure Ad, I should able to access only A value in the variable so I will get access to A value specific pannel

yep, I think we have already established that :grin:

create and populate tables servers(server_id, server_name) and a bridge table called user_servers(server_id, mail varchar(150))

Then a query of the tables

select s.server_name as dropdown
 from servers  s
join user_servers us on s.server_id = us.server_id
where us.mail = ${__user.email} -- < currently logged in user

How can I connect with you @jangaraj,
I am using Amazon-managed-grafana
I don’t think that is possible, We can’t create table.

Sorry, this is not a private support, but public community forum.

If you need a private support session, then I recommend to pay for a Grafana support. Actually, you can connect to your AWS support, because they support your instance.

1 Like