- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
범위는 조직의 Datadog 데이터에 대해 애플리케이션이 보유한 세부 액세스를 제한하고 정의할 수 있는 승인 메커니즘입니다. 사용자나 서비스 계정을 대신해 액세스가 승인되면 애플리케이션은 명시적으로 요청된 정보에만 액세스할 수 없습니다.
애플리케이션 범위를 지정하는 모범 사례는 최소한의 권한만 유지하는 것입니다. 또한 의도된 기능만 수행하도록 애플리케이션에 필요한 가장 제한적인 범위를 설정하는 것입니다. 이를 통해 사용자는 애플리케이션에 대해 세분화된 액세스 권한을 활용하고 애플리케이션이 데이터를 활용하는 방법에 대한 투명성을 확보할 수 있습니다. 예를 들어, 대시보드 데이터만 읽는 타사 애플리케이션은 조직 내 사용자를 삭제하고 관리할 수 있는 권한이 필요하지 않습니다.
Datadog를 사용해 두 가지 방법으로 범위를 사용할 수 있습니다.
Scope name
Description
Endpoints that require this scope
apm_api_catalog_write
Add, modify, and delete API catalog definitions.
Scope name
Description
Endpoints that require this scope
ci_visibility_read
View CI Visibility.
Scope name
Description
Endpoints that require this scope
cases_read
View Cases.
cases_write
Create and update cases.
Scope name
Description
Endpoints that require this scope
cloud_cost_management_read
View Cloud Cost pages. This does not restrict access to the cloud cost data source in dashboards and notebooks.
cloud_cost_management_write
Configure cloud cost accounts and global customizations.
Scope name
Description
Endpoints that require this scope
dashboards_public_share
Generate public and authenticated links to share dashboards or embeddable graphs externally.
Scope name
Description
Endpoints that require this scope
org_management
Edit org configurations, including authentication and certain security preferences such as configuring SAML, renaming an org, configuring allowed login methods, creating child orgs, subscribing & unsubscribing from apps in the marketplace, and enabling & disabling Remote Configuration for the entire organization.
Scope name
Description
Endpoints that require this scope
monitors_downtime
Set downtimes to suppress alerts from any monitor in an organization. Mute and unmute monitors. The ability to write monitors is not required to set downtimes.
monitors_write
Edit and delete individual monitors.
Scope name
Description
Endpoints that require this scope
Scope name
Description
Endpoints that require this scope
hosts_read
List hosts and their attributes.
Scope name
Description
Endpoints that require this scope
incident_read
View incidents in Datadog.
incident_settings_write
Configure Incident Settings.
incident_write
Create, view, and manage incidents in Datadog.
Scope name
Description
Endpoints that require this scope
metrics_read
View custom metrics.
timeseries_query
Query Timeseries data.
Scope name
Description
Endpoints that require this scope
user_access_manage
Disable users, manage user roles, manage SAML-to-role mappings, and configure logs restriction queries.
user_access_read
View users and their roles and settings.
user_access_invite
Invite other users to your organization.
Scope name
Description
Endpoints that require this scope
security_monitoring_filters_write
Create, edit, and delete Security Filters.
security_monitoring_findings_read
View a list of findings that include both misconfigurations and identity risks.
security_monitoring_rules_read
Read Detection Rules.
security_monitoring_rules_write
Create and edit Detection Rules.
security_monitoring_signals_read
View Security Signals.
security_monitoring_suppressions_read
Read Rule Suppressions.
security_monitoring_suppressions_write
Write Rule Suppressions.
Scope name
Description
Endpoints that require this scope
apm_service_catalog_read
View service catalog and service definitions.
apm_service_catalog_write
Add, modify, and delete service catalog definitions when those definitions are maintained by Datadog.
Scope name
Description
Endpoints that require this scope
slos_corrections
Apply, edit, and delete SLO status corrections. A user with this permission can make status corrections, even if they do not have permission to edit those SLOs.
slos_write
Create, edit, and delete SLOs.
Scope name
Description
Endpoints that require this scope
Scope name
Description
Endpoints that require this scope
synthetics_global_variable_read
View, search, and use Synthetics global variables.
synthetics_global_variable_write
Create, edit, and delete global variables for Synthetics.
synthetics_private_location_read
View, search, and use Synthetics private locations.
synthetics_private_location_write
Create and delete private locations in addition to having access to the associated installation guidelines.
synthetics_read
List and view configured Synthetic tests and test results.
synthetics_write
Create, edit, and delete Synthetic tests.
Scope name
Description
Endpoints that require this scope
teams_manage
Manage Teams. Create, delete, rename, and edit metadata of all Teams. To control Team membership across all Teams, use the User Access Manage permission.
teams_read
Read Teams data. A User with this permission can view Team names, metadata, and which Users are on each Team.
Scope name
Description
Endpoints that require this scope
usage_read
View your organization's usage and usage attribution.
Scope name
Description
Endpoints that require this scope
Scope name
Description
Endpoints that require this scope