Permission List¶

TrueWatch supports setting permissions for custom roles within the workspace to meet the permission requirements of different users.

Note: Currently, only functional operation permissions within the workspace are supported.

Permission List¶

√: Default role indicates support for this permission, custom role indicates support for granting this permission to a custom role.
×: Default role indicates no support for this permission, custom role indicates no support for granting this permission to a custom role.

Features	Operation Permissions	Owner	Administrator	Standard	Read-only	Custom Role
General	Default Access Permissions	√	√	√	√	√
	Explorer - Quick Filter Management	√	√	×	×	√
	Export Management	√	√	√	×	√
Workspace Management	API Key Management	√	√	×	×	×
	Token View	√	√	×	×	×
	Token Replacement	√	√	×	×	×
	Client Token Management	√	√	√	×	√
	Member Management View	√	√	√	×	√
	Invite Members	√	√	√	×	√
	Member Management	√	√	×	×	√
	Transfer Ownership	√	×	×	×	×
	Settings Management	√	√	×	×	×
	Dissolve Workspace	√	×	×	×	×
	Data Storage Policy Management	√	×	×	×	×
	Workspace Status Management	√	×	×	×	×
Data Permission Management	Configuration Management	√	√	×	×	√
Sensitive Data Scanning	Configuration Management	√	√	×	×	√
Field Management	Field Configuration Management	√	√	√	×	√
Regular Expressions	Regular Expression Configuration Management	√	√	×	×	√
Cloud Account Management	Account Management	√	√	×	×	×
	Integration Configuration Management	√	√	×	×	×
Global Tags	Global Tag Configuration Management	√	√	×	×	√
Sharing Management	Sharing Configuration Management	√	√	√	×	√
Snapshots	Create Snapshots	√	√	√	√	√
	Delete Snapshots	√	√	√	×	√
Billing	Billing Read-only Permissions	√	√	×	×	√
	Billing Read-Write Permissions	√	×	×	×	×
	Upgrade Permissions	√	×	×	×	×
Scenarios	Scenario Configuration Management	√	√	√	×	√
	Chart Configuration Management	√	√	√	×	√
	Service List Management	√	√	√	×	√
Events	Manual Recovery	√	√	√	×	√
	Event Data Query	√	√	√	√	√
Infrastructure	Infrastructure Configuration Management	√	√	×	×	√
	Infrastructure Data Query	√	√	√	√	√
Logs	Log Index Management	√	√	×	×	√
	External Index Management	√	√	×	×	√
	Data Forwarding	√	√	×	×	√
	Log Data Query	√	√	√	√	√
Metrics	Metric Description Management	√	√	√	×	√
	Metric Data Query	√	√	√	√	√
APM	Associated Log Management	√	√	√	×	√
	APM Data Query	√	√	√	√	√
	Issue Auto-Discovery	√	√	√	×	√
RUM	Application Configuration Management	√	√	√	×	√
	Tracing Configuration Management	√	√	√	×	√
	RUM Data Query	√	√	√	√	√
	Session Replay View	√	√	√	√	√
	Issue Auto-Discovery	√	√	√	×	√
Synthetic Tests	Task Configuration Management	√	√	√	×	√
	Self-built Nodes Configuration Management	√	√	√	×	√
Monitoring	Monitor Configuration Management	√	√	√	×	√
	External Event Reporting Management	√	√	×	×	×
	Intelligent Inspection Configuration Management	√	√	√	×	√
	SLO Configuration Management	√	√	√	×	√
	Mute Configuration Management	√	√	√	×	√
	Alert Strategy Configuration Management	√	√	√	×	√
	Notification Target Configuration Management	√	√	×	×	√
Incident	Channel Management	√	√	√	×	√
	Channel Subscription	√	√	√	√	√
	Channel View	√	√	√	√	√
	Issue Management	√	√	√	×	√
	Issue View	√	√	√	√	√
	Reply Management	√	√	√	×	√
	Reply View	√	√	√	√	√
	Level Configuration	√	√	×	×	√
	Notification Strategy	√	√	√	×	√
	Schedule	√	√	√	×	√
	Issue Discovery	√	√	√	×	√
Pipelines	Pipelines Management	√	√	√	×	√
Blacklist	Blacklist Management	√	√	√	×	√
Generate Metrics	Generate Metrics Configuration Management	√	√	√	×	√
DCA	DCA Configuration Management	√	√	×	×	×
DataFlux Func (Automata)	Func Activation/Configuration	√	×	×	×	×
RUM (Automata)	RUM Activation/Configuration	√	×	×	×	×
	RUM Administrator	√	√	×	×	×
Cloud Billing	Cloud Billing Data Query	√	√	√	√	√
External Data Sources	Data Source Configuration Management	√	√	×	×	√
	Data Source Query Permissions	√	√	√	√	√
Environment Variables	Environment Variable Configuration Management	√	√	×	×	√
Operation Audit	Operation Audit View	√	√	√	√	√

Permission Description Details¶

You can understand the specific descriptions of the permission list through the following table:

Features	Operation Permissions	Description
General	Default Access Permissions	View and edit components in TrueWatch that do not have explicitly defined permissions, including Dashboards, Notes, Explorers, Built-in Views: Read-only permissions Dashboard Carousel: Read-only permissions Charts: Read-only permissions, Copy Dashboards, Notes, Explorers: Favorite All Explorer personal-level quick filters: Edit permissions All Explorer display columns: Configuration permissions Dashboard, Note, Explorer creators: Edit permissions APM > Service List: Read-only permissions RUM > Application Configuration: Read-only permissions RUM > Tracing Configuration: Read-only permissions Synthetic Tests > Task Configuration: Read-only permissions Synthetic Tests > Self-built Nodes Configuration: Read-only permissions Monitors, Intelligent Inspection, SLO, Mute Management, Alert Strategies, Notification Target Configuration: Read-only permissions Pipelines Configuration: User pipeline, official pipeline read-only permissions Blacklist Configuration: Read-only permissions Workspace Basic Information: Read-only permissions Role Management: Read-only permissions Field Management: Read-only permissions Data Permission Management: Read-only permissions Regular Expressions: Read-only permissions Sharing Management: Read-only permissions Snapshots: Read-only permissions (View/Copy) DQL Query Tool Integration Obux Assistant Free Plan Demo Workspace Ticket Management Workspace Notes (Personal Account Level) Newbie Guide - Automatically pop up【Newbie Guide】 - Avatar > View Newbie Guide Log Data Access Configuration View: Read-only Incident: Channel Read-only, Issue Read-only, Reply Read-only, Notification Strategy Read-only, Schedule Read-only
	Explorer > Quick Filter Management	Workspace-level default display quick filter options management Log Explorer display column configuration management
	Export Management	Includes: Explorer: Export CSV file, copy as cURL Metric Management: Export CSV file Event Details Page: Export JSON, PDF
Workspace Management	API Key Management	API Key creation, view, deletion, etc.
	Token View	Get workspace Token
	Token Replacement	Replace workspace Token, having this permission requires also having "Token View" permission
	Client Token Management	Client Token creation, deletion
	Member Management View	Includes the following pages' view (read-only) permissions. Member Management, Member Details Page SSO Management, SAML Mapping
	Invite Members
	Member Management	Workspace member management, SSO management related operations, including Team Management (Add, Delete, Modify) Member Information Management (Delete, Modify) Role Management (Create, Delete, Modify) Invitation Records Batch Modify Permissions SSO Management - SSO Login (Enable, Disable, Delete) - SAML Mapping (Create, Delete, Modify, Enable, Disable) - Custom Mapping (Create, Delete, Modify)
	Transfer Ownership	Transfer current workspace ownership to another member
	Settings Management	Workspace settings page edit operations, including Workspace Name Modification Description Modification Configuration Migration (Import, Export) Advanced Settings - Add, Delete Key Metrics - Feature Menu Management Operation Audit View IP Whitelist Settings Data Deletion - Manual data deletion operations within the workspace, including - Delete a specific measurement data - Delete Resource Catalog - Single Resource Catalog (Resource Catalog Details Page) - All Resource Catalogs (Management-Settings-Risky Operations) - Resource Catalogs under a specific object class (Management-Settings-Risky Operations) Enable Approval Join
	Dissolve Workspace	Dissolve workspace, including Commercial Plan workspace unbinding from Billing Center account and workspace deletion operations Dissolve entry under workspace locked state
	Data Storage Policy Management	Measurement storage policy modification (Metric Management Page) General storage policy modification (Management-Settings Page)
	Workspace Status Management	Includes some operations under workspace locked state Immediately Unlock
Data Permission Management	Configuration Management	Sensitive Fields: Disable, Enable, Configure (Add, Delete) Data Authorization: Configure (Add, Delete)
Sensitive Data Scanning	Configuration Management	Create, Edit, Enable, Disable, Delete
Field Management	Field Configuration Management	Create, Edit, Delete
Regular Expressions	Regular Expression Configuration Management	Create, Edit, Clone, Delete
Cloud Account Management	Account Management	Create, Edit, Delete
	Integration Configuration Management	Install, Uninstall, Modify Configuration
Global Tags	Global Tag Configuration Management	Create, Edit, Delete
Sharing Management	Sharing Configuration Management	Chart Sharing, Chart Unsharing, Snapshot Sharing, Snapshot Unsharing
Snapshots	Create Snapshots	Snapshot creation. Includes Scenarios: Dashboards, Notes, Explorers Events: Unresolved Events, Events Infrastructure: Hosts, Containers, Processes, Networks, Custom Logs: All Logs, Pattern APM: Services, Overview, Traces, Error Tracking, Profile RUM: Views, Explorers, Traces Synthetic Tests: Overview, Explorers CI Visualization: Overview, Explorers
	Delete Snapshots	Snapshot deletion. Includes Scenarios: Dashboards, Notes, Explorers Events: Unresolved Events, Events Infrastructure: Hosts, Containers, Processes, Networks, Custom Logs: All Logs, Pattern APM: Services, Overview, Traces, Error Tracking, Profile RUM: Views, Explorers, Traces Synthetic Tests: Overview, Explorers CI Visualization: Overview, Explorers Read-only members can only delete snapshots created by their own account
Billing	Billing Read-only Permissions	Current workspace usage statistics and billing cost view Set high consumption alert
	Billing Read-Write Permissions	Includes account balance view, recharge, change settlement method, change Billing Center account, jump to Billing Center, only supports current workspace owner role members to view and initiate related operations
	Upgrade Permissions	Free Plan upgrade to Commercial Plan process initiation entry, only supports current workspace owner role members to initiate
Scenarios	Scenario Configuration Management	Dashboards: Create, Delete, Modify (With this permission, explorer supports exporting list data to dashboards), Import, Export, Copy, Save to Built-in Views, Set Refresh Frequency Scheduled Reports: Create, Modify, Delete Carousel: Create, Modify, Delete Notes: Create, Delete, Modify (With this permission, explorer supports exporting list data to notes), Import, Export (JSON/PDF) Explorers: Create, Delete, Modify, Export, Import, Copy Built-in Views > System Views: Export, Clone Built-in Views > User Views: Create, Delete, Modify, Export, Clone
	Chart Configuration Management	View Variables: Add, Edit, Delete Charts: Add, Modify, Combine, Clone, Delete Chart Groups: Add, Modify, Delete
	Service List Management	Edit service list configuration
Events	Manual Recovery	Includes unresolved event manual recovery operations
	Event Data Query	All event data query within the workspace, including events and unresolved events all data (Namespace = E or UE)
Infrastructure	Infrastructure Configuration Management	Includes host edit Label, edit object class, add object class, add tag, delete object, etc. operations
	Infrastructure Data Query	Query all infrastructure object related data within the workspace, including hosts, containers, K8s, processes, resource catalog data and historical 48-hour data, as well as four-layer, seven-layer network data reported to the workspace.
Logs	Log Index Management	Read-Write permissions. Includes create, delete, modify, enable, disable, drag, operations
	External Index Management	Read-Write permissions. Includes bind, delete, operations
	Data Forwarding	Read-Write permissions. Includes create, edit, delete, enable, disable, operations
	Log Data Query	All log data query permissions within the current workspace, including TrueWatch logs (L) default index, custom index, bound external index (ES, Opensearch, SLS standard logstore) data, and backup logs (BL) data.
Metrics	Metric Description Management	Edit modify metric description
	Metric Data Query	All metric data query within the current workspace
APM	Associated Log Management	Edit log association field configuration
	APM Data Query	All traces, Profile data query within the current workspace
	Issue Auto-Discovery	Error tracking data automatically discovers and generates incident issues based on service, version, resource, error type dimensions
RUM	Application Configuration Management	Create, Modify, Delete application
	Tracing Configuration Management	Create, Modify, Delete tracing configuration
	RUM Data Query	All user access data query within the current workspace, including `session`, `session replay`, `view`, `resource`, `error`, `long task`, `action`, etc. data
	Session Replay View	All session replay data view permissions within the current workspace
	Issue Auto-Discovery	Error data automatically discovers and generates incident issues based on application name, environment, version, error type dimensions
Synthetic Tests	Task Configuration Management	Create, Delete, Modify, Enable, Disable, Test
	Self-built Nodes Configuration Management	Create, Modify, Delete, Get configuration
Monitoring	Monitor Configuration Management	Create, Delete, Test, Modify, Enable, Disable, Import, Batch Export, Batch Delete, Alert Configuration Edit, Create from Template
	External Event Reporting Management	View【External Event Detection】monitor generated Webhook address
	Intelligent Inspection Configuration Management	Create, Delete, Test, Modify, Enable, Disable, Export
	SLO Configuration Management	Create, Delete, Modify, Enable, Disable
	Mute Configuration Management	Create, Delete, Modify, Enable, Disable Monitoring > Mute Management Infrastructure > Host Details Page > Mute Host
	Alert Strategy Configuration Management	Create, Delete, Alert Configuration Edit
	Notification Target Configuration Management	Create, Delete, Modify
Incident	Channel Management	Channel: Create, Modify, Delete; Notification Targets: Add, Modify
	Channel Subscription	Channel Subscription
	Issue Management	Issue Create, Modify, Delete, Attachment Upload
	Level Configuration	Default Level: Enable, Disable; Custom Level: Create, Edit, Delete
	Notification Strategy	Notification Strategy Create, Modify, Delete
	Schedule	Schedule Create, Modify, Delete
	Issue Discovery	Issue Create, Modify, Delete, Enable, Disable
Pipelines	Pipelines Management	Read-Write permissions. Includes create, modify, delete, enable, disable, import, batch export, batch delete, clone from official library Logs > Pipelines Management > Pipelines
Blacklist	Blacklist Management	Read-Write permissions. Includes create, modify, delete, import, batch export, batch delete Logs > Blacklist Management > Blacklist
Generate Metrics	Generate Metrics Configuration Management	Includes create, modify, delete, enable, disable operations Logs > Generate Metrics APM > Generate Metrics RUM > Generate Metrics
DCA	DCA Configuration Management	DataKit restart, collector, Pipelines, blacklist create, delete, modify Configure DCA address
DataFlux Func (Automata)	Func Activation/Configuration	Activate application, modify domain/specification, upgrade version, reset password, deactivate application
RUM (Automata)	RUM Activation/Configuration	Activate application, modify service address, specification, upgrade version, deactivate application
	RUM Administrator Permissions	View configuration information, modify service address, specification, version, status, configuration
External Data Sources	Data Source Configuration Management	External data source create, edit, delete operations
	Data Source Query Permissions	Query external data source
Operation Audit	Operation Audit View	Operation audit data view permissions