Resource types in Metoro represent different categories of features and data that can be accessed and managed. Each resource type has its own set of permissions that can be granted through roles.

Available Resource Types

resource_types_create_role.png

Access Management

  • Resource Type: accessManagement
  • Description: Controls user and role management capabilities
  • Permissions:
    • create - Create new users and roles
    • read - View users and roles
    • update - Modify existing users and roles
    • delete - Remove users and roles

Alerts

  • Resource Type: alerts
  • Description: Controls access to alert configurations and management
  • Permissions:
    • create - Create new alerts
    • read - View existing alerts
    • update - Modify alert configurations
    • delete - Remove alerts

Billing

  • Resource Type: billing
  • Description: Controls access to billing and subscription management
  • Permissions:
    • create - Create new billing configurations
    • read - View billing information and usage
    • update - Modify billing settings
    • delete - Remove billing configurations

Dashboards

  • Resource Type: dashboards
  • Description: Controls access to dashboard creation and management
  • Permissions:
    • create - Create new dashboards
    • read - View dashboards
    • update - Modify dashboard configurations
    • delete - Remove dashboards

Environments

  • Resource Type: environments
  • Description: Controls access to adding a new environment/cluster to Metoro or deleting the existing ones
  • Permissions:
    • create - Create (ie. Add) new environments/clusters to Metoro
    • delete - Remove environments
    • Note: Read access is available to all users, and update operations are not applicable

Integrations

  • Resource Type: integrations
  • Description: Controls access to integration settings and configurations
  • Permissions:
    • create - Add new integrations
    • read - View integration settings
    • update - Modify integration settings
    • delete - Remove integrations

Log Filters

  • Resource Type: logFilters
  • Description: Controls access to log filter configurations
  • Permissions:
    • create - Create new log filters
    • read - View log filters
    • update - Modify log filter settings
    • delete - Remove log filters

Trace Redaction Rules

  • Resource Type: traceRedacts
  • Description: Controls access to trace redaction rule configurations
  • Permissions:
    • create - Create new redaction rules
    • read - View redaction rules
    • update - Modify redaction rules
    • delete - Remove redaction rules

Workflows

  • Resource Type: workflows
  • Description: Controls access to issues and workflows
  • Permissions:
    • create - Create new workflows
    • read - View workflows and issues created by the workflows
    • update - Modify workflow and issues configurations
    • delete - Remove workflows

Permission Inheritance

When a role is granted a permission on a resource type, users with that role automatically receive that permission for all resources of that type. For example, if a role has the read permission for dashboards, users with that role can view all dashboards in the organization.

Best Practices

  1. Principle of Least Privilege
    • Grant only the permissions necessary for users to perform their tasks
    • Regularly review and audit role permissions
    • Consider starting with read-only access and adding other permissions as needed
  2. Role Organization
    • Create roles based on job functions or responsibilities
    • Use descriptive names for custom roles
    • Document the purpose and scope of each custom role
  3. Permission Management
    • Regularly audit user roles and permissions
    • Remove unnecessary permissions promptly
    • Use custom roles for fine-grained access control