In a New Relic user management context, a permission is a granular thing that you can do with New Relic that we've made available for addition to a custom role. These permissions are also attached to our pre-build standard roles. Examples of permissions are: the ability to view APM app settings, or modify alert conditions, or manage data retention settings.
To learn what permissions a role has, go to the user management UI and view a specific role. To find this UI: From one.newrelic.com, click the user menu in the lower right, and then go to: Administration > Access management > Roles.
A New Relic full platform user with no limitations (for example, a user in the Admin group) is able to use all features of the platform. Some of the things you can do in New Relic we've made available as permissions. You can add or remove these from a custom role, and we also use these permissions to differentiate between our standard roles. The permissions that we've made visible and available for selection are those we think you're most likely to find useful for common user management tasks.
There are a lot of New Relic functionalities that we don't make visible and available for selection. For example, there are various UI pages that you can access as any user, and that aren't gated by the permissions we expose. For another example: a user in a group with Organization administration settings can configure organization-level settings and that power is not available for adding to a custom role.
Permissions may also sometimes be referred to as capabilities.
Here are some other important points about permissions:
- A user's user type must also allow access. A user's access to New Relic features is governed by both user type and assigned roles. For more about that, see User access.
- Some permissions overlap in functionality. This is why selecting some permissions checkboxes in the UI will automatically check or uncheck other boxes.
- Permissions don't affect querying of data. Most permissions apply to New Relic UI and API experiences and not to querying data. For example, if your permissions restrict you from accessing the UI, you can still query APM data if you have access to that account. If you require more firm data boundaries for some projects or users, you can segment your data into different accounts.
To learn more about the main ways user permissions are controlled, see User management concepts.
Our pre-built roles have various groupings of permissions. How our pre-built roles work is different depending on which of our user models you're on:
Here's a screenshot of the permissions available in the permissions UI. These are only a subset of everything you can do in New Relic and represent the specific permissions we believe are likely to be valuable for creating custom roles.
Note that permissions can change. The permissions in this doc were last updated April 3, 2023.
To learn more about specific permissions, select a category below, or try searching this doc for a specific term you're looking for.