Granular Access Control

Docs > Account Management > Access Control > Granular Access Control

Manage access to individual resources

Some resources allow you to restrict access to individual resources by roles, Teams, or users.

Use the different principals to control access patterns in your organization and encourage knowledge sharing and collaboration:

Use Teams to map access to functional groups in your organizations. For example, restrict editing of a dashboard to the application team that owns it.
Use roles to map access to personas. For example, restrict editing of payment methods to billing administrators.
Allocate access to individual users only when necessary.

Supported resources with granular access control	Team-based access	Role-based access	User / service account-based access
Apps
Case Management projects
Connections
Connection Groups
Cross Org Connections
Dashboards
Datastores
Feature Flags
Integration Accounts
Integration Services
Integration Webhooks
Logs Pipelines
Monitors
Notebooks
Observability Pipelines
On-Call
Private Action Runner
Powerpacks
Reference tables
RUM apps
Security rules
Security suppressions
Service Level Objectives
Sheets
Synthetic tests
Workflows

Elevate access to individual resources

A user with the user_access_manage permission can elevate their access to any individual resource that supports restrictions based on team, role, and user or service account. Resources with only role-based access restrictions are not supported. To get access, click the Elevate Access button in the granular access control modal.

URL: https://docs.datadoghq.com/account_management/rbac/granular_access/