Hi,
I am using Grafana OSS version 12.0. We installed Grafana on a Linux VM on-prem and using LDAP for Authentication.
We have following roles defined in LDAP. Admin, Editor and Read-only.
What I am trying to achieve is restrict one user to only have edit access to one dashboard folder.
Can this be done on OSS? Also, the editor role has delete access, can this be also restricted?
Regards
Fadil
Hi,
In Grafana, folder and dashboard permissions don’t limit access to data sources.
But you can do the following:
==> Go to the folder : Folder ACtions > Manage permissions and give that user Edit > permissions
Instead of relying only on roles to manage the folder access. Give permissions to grafana teams to access folder and not the grafana role in OSS. You will able to manage it more easily if you want to prevent some user to view other people’s dashboard.
But keep in mind: this only prevents the user from editing other people’s dashboards.
They will still be able to see and use all data sources in the tenant if i’m not mistaken if you give Edit permission on some folder/dashboard.
So if your goal is to really restrict data access, this setup is not what you are looking for.