Grafana OSS v10.2.2 + Alerting Provisioning


I was trying to provision alerts using the Grafana API to create alerting from Infrastructure as Code.
When doing this I get the following error:

Error: status: 403, body: {"accessErrorId":"ACE5486629262","message":"You'll need additional permissions to perform this action. Permissions needed: alert.provisioning:write","title":"Access denied"}

Because we use the open source version of OSS we do not control the rules, to find out if the role Editor has permissions to do this I tried to check the documentation; Roles and permissions | Grafana documentation

But neither the table nor the text above tells me explicitly it should be possibile to provision alerts.

Could someone clear up the confusion;
Can a Editor provision alerts using the Grafana API?

I agree with Jean that this is unclear.

However, I do see in this table that editors have permission to write alerts. And given that the API for alerting has only recently been added, I suspect this simply to be missed in the feature.

When editors have permission to write alerts, and a provisioning API for alerts is available, then they should also have permission to use that API.

This looks like a bug to me.

Create issue RBAC: Alert provisioning not enabled for Editors · Issue #79126 · grafana/grafana · GitHub

Hey there! We’re currently working on adding fine-grained control to alert provisioning and aligning those permissions with the normal API. That can be tracked here: Alerting: Update provisioning API to support regular permissions by yuri-tceretian · Pull Request #77007 · grafana/grafana · GitHub

Related to this issue: More granular permissions for provisioning API · Issue #69073 · grafana/grafana · GitHub

For now, only users with the ‘Admin’ role in OSS have provisioning permissions for alert rules.

Hi William,

Thank you for the response, is it possible to speed up this PR and take it as a hotfix into 10.2.3? or is there a date for when this will be released?

Kind Regards,

Reminder, is there any way to get this fix accepted?
I’ve asked on github too, 2 weeks ago; More granular permissions for provisioning API · Issue #69073 · grafana/grafana (