Re: Access Control for Monitoring Dashboards

jedi-99 · 02-15-2024 10:18 PM

Dear Cloud Community Members,

I am trying to maintain access control for monitoring custom dashboards.

For example, if I have 5 dashboards and 2 users, then one user should be able to see only 3 dashboards and the other user should be able to see the other 2 dashboards only. How do I maintain this segregation?

Tried the following approaches,

1. Using IAM, didn't work as it was giving access for all dashboards.

2. By sharing the specific dashboard(s) directly to the user(s), didn't work as it was giving access for all dashboards.

3. Using IAM condition and dashboard labels, but could not create the IAM condition as it does not support labels.

Please suggest any solution if available, thanks in advance.

dionv

Hello @jedi-99 ,

From this previous post, there is a feature request for the granular permission to achieve your concern. And as quoted workaround:

There is not an available workaround for real-time separation of metrics. However, a project owner can achieve this separation via exporting their metrics manually and sending the appropriate information to the appropriate user. Here are two examples of exporting Stackdriver Monitoring metrics using App Engine/PubSub [1] or using Colab/Monitoring API [2]. Both use BigQuery to query the data and Cloud Scheduler to automate exporting the information.

[1] https://cloud.google.com/solutions/stackdriver-monitoring-metric-export
[2] https://medium.com/google-cloud/downsampling-and-exporting-stackdriver-monitoring-data-c3483e88a352