Default Policies
This document explains the default permission templates available in the system, providing clear and concise descriptions of what each template allows end users to do. Use this guide to select the appropriate template for your team’s security and operational needs.
Default Template OBS Read
Permissions Granted:
- Alert Monitor: View dashboards and monitoring data.
- Aliases: Inspect alias configurations and associated indices.
- Notification Channels: View channels and email groups.
- Agent Users: View agent user listings and details.
- Resource Limits: Check configured limits.
- Explorer: Access the Explorer page for read-only queries.
Usage Note: Use this template when users need to browse OBS data—such as alert definitions, alias mappings, notification setups, service accounts, limits, and Explorer queries—without modifying anything.
Details: This template grants view access across the entire OBS interface, allowing navigation through every page and endpoint without permission to create, update, or delete resources.
Default Template OBS All
Permissions Granted: Includes all permissions from OBS Read, plus:
- Alert Monitor: Create and update schedules/triggers; enable/disable monitors; delete configurations.
- Aliases: Create, update, and delete aliases; adjust settings (replica count, shard count, retention).
- Notification Channels: Create, update, rename, mute, and delete channels; manage email groups.
- Agent Users: Create, update, and delete service accounts; change passwords.
- Explorer: Select an alias and run SQL/PPL/DQL queries.
Usage Note: For users who must configure, manage, and delete any OBS resource.
Details: The “All” variant extends read access by allowing update and delete operations throughout OBS. Administrators can modify alert schedules, tune alias/index parameters, manage notification channels (including renaming or muting), administer service accounts, and run Explorer queries.
Default Template Alert Monitor Read
Permissions Granted:
- Alert Monitor Dashboard: View dashboards; read schedules and triggers.
- Notification Channels: View channel configurations and associated email-group details.
- Monitoring Endpoints: Execute read-only queries against monitoring endpoints.
- Aliases & Indices: View alias settings and index details.
Usage Note: Grants visibility into alert routing, schedules, and alias/index mappings without allowing any changes.
Details: This template enables users to audit alert configurations, monitor routing, and inspect related indices. All operations are view-only—no creation, updates, or deletions are permitted.
Default Template Alert Monitor All
Permissions Granted: Includes all permissions from Alert Monitor Read, plus:
- Create/Update/Delete: Alerts, schedules, triggers, and monitor configurations.
- Enable/Disable Monitors: Turn individual monitors on or off.
- Notification Channels: Full CRUD on channels (create, rename, mute, delete), including email groups.
- Alias & Index Settings: Modify aliases and adjust index parameters.
Usage Note: For administrators who need end-to-end control over alert monitoring and management.
Details: This template allows full control over alerts: users can update schedules, adjust triggers, delete monitors, and manage notification channels. Alias and index modifications are also included for comprehensive alert lifecycle management.
Default Template Aliases Read
Permissions Granted:
- Aliases: View alias list and alias dashboard.
- Indices: Inspect index details.
Details: Provides visibility into how data is routed via aliases and the underlying index configurations. Ideal for auditing alias settings without risk of modification.
Default Template Aliases All
Permissions Granted: Includes all permissions from Aliases Read, plus:
- Create/Update/Delete Aliases: Manage the complete alias lifecycle.
- Index Settings: Adjust index parameters (replica/shard counts, retention policies).
Details: Enables creation of new aliases, modification of index parameters, and safe deletion of indices when no longer needed.
Default Template Notification Channel All
Permissions Granted: Includes all permissions from Notification Channel Read, plus:
- Create/Update Channels: Define new channels or modify existing ones.
- Manage Email Groups: Add/remove email recipients; mute notifications.
- Delete Channels: Remove channels when no longer needed.
Details: Provides end-to-end channel management: from initial creation through email group adjustments to deletion.
Default Template Notification Channel Read
Permissions Granted:
- Notification Channels: View channel names and configurations.
- Email Groups: View email recipient lists.
Details: Covers all visual aspects of notification channels.
Default Template Agent User Read
Permissions Granted:
- View Agent Users: List service accounts and view details.
- Alias Associations: Access alias information.
Details: Allows inspection of all service account settings and aliases for auditing purposes.
Default Template Agent User All
Permissions Granted: Includes all permissions from Agent User Read, plus:
- Create/Delete Accounts: Provision or remove service accounts.
- Change Passwords: Reset or rotate agent user credentials.
- Alias Permissions: Full control over alias associations.
Details: Enables full lifecycle management of service accounts, including password resets and deletion. Alias management is also implicit, as agent users often own alias permissions.
Default Template Explorer Read
Permissions Granted:
- Query Execution: Run PPL/SQL/DQL queries on selected alias-backed indices.
- Dashboard Viewing: View query results and related visualizations.
Details: Grants permission to execute read-only queries against indices, providing insights into data without risk of altering configurations or saved queries.
Default Template Explorer All
Permissions Granted: Includes all permissions from Explorer Read, plus:
- Create/Update/Delete Queries: Manage saved queries and dashboards.
- Alias & Index Adjustments: Modify index settings to support advanced data exploration.
Details: Allows analysts and developers to fully customize query definitions, manage dashboards, and adjust index configurations for comprehensive data exploration.