Hello,
In our company, we need some separation of access privileges in our teams. In particular, to Loki Datasources (Tenants).
As far as I understand, setting permissions directly in Datasources and assigning them to specific Teams is only possible in the Enterprise version of Grafana.
Therefore, we are considering the possibility of creating multiple Grafana Organizations with their own isolated Datasources and other objects.
The question is - how to create Grafana Organizations (give them names and permanent IDs) not through the Grafana interface or API, but permanently in configuration files, in particular through the Helm chart? I did not find such information in the documentation.
I somehow managed to create Organizations during the deploy of the Helm chart, but this method doesn’t solve any problems. Objects that were supposed to be created during Grafana initialization (dashboards, datasources) won’t be created with a different OrgID because the Organizations are not yet created at the time of Grafana initialization.
Something like this:
lifecycleHooks:
postStart:
exec:
command:
- bash
- -c
- |
#!/bin/bash
ORGS=("ORG1" "ORG2" "ORG3" "ORG4")
for i in ${ORGS[@]}
do
curl -X POST "http://localhost:3000/api/orgs" -H 'Content-Type: application/json' -d '{"name":"'"$i"'"}' --user "${ADMIN_USER}:${ADMIN_PASSWORD}"
done
It seemes that Grafana does not have this feature yet. In postStart lifecycleHooks there is no garantee that the command will be executed after the container ENTRYPOINT according to k8s docs:
Something that I have tryed was to put a sleep command before the for loop. It does not work as well.
