diff --git a/src/content/docs/accounts/accounts-billing/new-relic-one-pricing-billing/new-relic-one-pricing-billing.mdx b/src/content/docs/accounts/accounts-billing/new-relic-one-pricing-billing/new-relic-one-pricing-billing.mdx index c46349cc8f7..67781a26fa9 100644 --- a/src/content/docs/accounts/accounts-billing/new-relic-one-pricing-billing/new-relic-one-pricing-billing.mdx +++ b/src/content/docs/accounts/accounts-billing/new-relic-one-pricing-billing/new-relic-one-pricing-billing.mdx @@ -338,21 +338,33 @@ The following table compares capabilities supported by two alternative pricing m E&R via NRQL - ❌ - ❌ ✅ + ✅ + ❌ Scorecards - ❌ - ❌ ✅ + ✅ + ❌ Teams + ✅ + ✅ ❌ + + + Catalogs + ✅ + ✅ ❌ + + + Maps ✅ + ✅ + ❌ Security RX diff --git a/src/content/docs/accounts/accounts-billing/new-relic-one-user-management/feature-control-manager.mdx b/src/content/docs/accounts/accounts-billing/new-relic-one-user-management/feature-control-manager.mdx index 353f9ffbe35..2b63a53237b 100644 --- a/src/content/docs/accounts/accounts-billing/new-relic-one-user-management/feature-control-manager.mdx +++ b/src/content/docs/accounts/accounts-billing/new-relic-one-user-management/feature-control-manager.mdx @@ -41,7 +41,7 @@ To access the Feature Control manager: The **Feature Control** page displays all intelligent observability features available to your organization, showing their current activation status across your accounts. To get the active features for specific accounts, search with the account IDs in the search field. - Most features can be activated or deactivated for specific accounts. However, organization-scoped features like **Teams** apply to all accounts in your organization automatically. + Most features can be activated or deactivated for specific accounts. However, organization-scoped features apply to all accounts in your organization automatically. ## Activate features for specific accounts [#activate-features] @@ -57,7 +57,7 @@ The **Feature Control** page displays all intelligent observability f ## Activate org-scoped features [#activate-org-features] -To activate organization-scoped features (like **Teams**) across all accounts in your organization: +To activate organization-scoped features across all accounts in your organization: 1. From the **Feature Control** page, find the feature you want to activate. 2. Click **Activate**. @@ -88,7 +88,7 @@ To deactivate a feature for specific accounts: ## Deactivate org-scoped features [#deactivate-org-features] -For organization-scoped features (like **Teams**): +For organization-scoped features: 1. From the **Feature Control** page, find the active feature you want to deactivate. 2. Click **Deactivate for all accounts** and confirm the deactivation in the confirmation modal. diff --git a/src/content/docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial.mdx b/src/content/docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial.mdx index 05336c42d07..e14e53b6b59 100644 --- a/src/content/docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial.mdx +++ b/src/content/docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial.mdx @@ -1,5 +1,5 @@ --- -title: "NerdGraph tutorial: Create custom role for Scorecards" +title: "Create custom roles for Scorecards" tags: - Scorecards - APIs @@ -10,40 +10,82 @@ metaDescription: How to use New Relic NerdGraph API to create Scorecards custom freshnessValidatedDate: never --- -A Scorecard serves as a container for various rules that collectively assess adherence to defined standards. Scorecards use rules to monitor compliance across different entities and teams, identify areas for improvement, and ensure alignment with both internal and external requirements. This document provides instruction on how to create and manage Scorecards and its rules in New Relic. +A Scorecard serves as a container for various rules that collectively assess adherence to defined standards. Scorecards use rules to monitor compliance across different entities and teams, identify areas for improvement, and ensure alignment with both internal and external requirements. -In New Relic, two types of users can manage Scorecards: +## Default Scorecards access [#default-access] -* Organization Product Admin -* Scorecard custom role users +New Relic provides default access to Scorecards through these standard roles: + + + + + + + + + + + + + + + + + +
ActionRequired role
View Scorecards[**Organization read only**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles)
Create, update, and delete Scorecards and rules[**Organization Product Admin**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles) or a custom Scorecards role
-This section provides instructions on using NerdGraph GraphQL mutations to create a custom role for managing Scorecards and associated rules. +You might need a custom role if the default permissions don't meet your organization's needs. -To create a Scorecards administrator custom role, you need to: +## Scorecards capabilities [#capabilities] -1. [Find the required permission IDs for Scorecards](#retrieve-organization-scoped-capabilities) -2. [Retrieve your organization ID](#retrieve-your-organization-id) -3. [Create the custom role for Scorecards administrator](#create-custom-role) -4. [Add the custom role to a user group](#add-custom-role-to-a-user-group) +When building a custom role for Scorecards, use the permissions below. Scorecards permissions are organization-scoped. + + + + + + + + + + + + + + + + + + + + + + + + + + +
CapabilityPermission identifier
Read Scorecards (also grants `scorecards.read.rule`)`scorecards.read.scorecard`
Create, update, and delete Scorecards`scorecards.modify.scorecard`
Read Scorecard rules`scorecards.read.rule`
Create, update, and delete Scorecard rules`scorecards.modify.rule`
+## Prerequisites [#prerequisites] -**Prerequisites:** +Before you begin, ensure you have: * [General NerdGraph requirements](/docs/apis/nerdgraph/get-started/introduction-new-relic-nerdgraph/#authentication) -* You must be an Organization Product Admin to create a custom role. - +* Organization Admin with `Organization Product Admin` role to create custom roles -## Mutations [#mutations] + +You can also create a custom role for Scorecards through the UI. For the permissions to select and the scope to use, see [Scorecards capabilities](/docs/service-architecture-intelligence/scorecards/getting-started/#scorecards-capabilities). + -New Relic provides various NerdGraph mutations to create custom role for Scorecards managers. +To create a custom role via the NerdGraph API, perform the following steps: - - - Use the `customerAdministration` query to retrieve a list of capabilities, their permission IDs, and related information. + + + ## Find the required permission IDs for Scorecards + Use the `customerAdministration` query to retrieve a list of capabilities, their permission IDs, and related information. Filter by `scope: "organization"` to get Scorecards permissions. #### Input parameters @@ -85,381 +127,383 @@ New Relic provides various NerdGraph mutations to create custom role for Scoreca #### Sample response - ```json - { - "data": { - "customerAdministration": { - "permissions": { - "items": [ - { - "category": "READ", - "feature": "Scorecards Rules", - "id": "xxxxx", - "product": "New Relic One" - }, - { - "category": "MANAGE", - "feature": "Scorecards Rules", - "id": "xxxxx", - "product": "New Relic One" - }, - { - "category": "READ", - "feature": "Scorecards", - "id": "xxxxx", - "product": "New Relic One" - }, - { - "category": "MANAGE", - "feature": "Scorecards", - "id": "xxxxx", - "product": "New Relic One" - }, - { - "category": "READ", - "feature": "Teams", - "id": "xxxxx", - "product": "New Relic One" - }, - { - "category": "OTHER", - "feature": "Teams", - "id": "xxxxxx", - "product": "New Relic One" - }, - { - "category": "DELETE", - "feature": "Teams", - "id": "xxxxx", - "product": "New Relic One" - }, - { - "category": "MODIFY", - "feature": "Teams", - "id": "xxxxxx", - "product": "New Relic One" - } - ] - } + ```json + { + "data": { + "customerAdministration": { + "permissions": { + "items": [ + { + "category": "READ", + "feature": "Scorecards Rules", + "id": "xxxxx", + "product": "New Relic One" + }, + { + "category": "MANAGE", + "feature": "Scorecards Rules", + "id": "xxxxx", + "product": "New Relic One" + }, + { + "category": "READ", + "feature": "Scorecards", + "id": "xxxxx", + "product": "New Relic One" + }, + { + "category": "MANAGE", + "feature": "Scorecards", + "id": "xxxxx", + "product": "New Relic One" + } + ] } } } - ``` - -Copy and paste the information related to Scorecards in a text file matching the following criteria: -* `category: MANAGE` -* `"feature": "Scorecards"` or `"Scorecards Rules"` - -For example, in the previous response, the following matches the criteria: - -```json -{ - "category": "MANAGE", - "feature": "Scorecards Rules", - "id": "xxxxx", - "product": "New Relic One" -}, -{ - "category": "MANAGE", - "feature": "Scorecards", - "id": "xxxxx", - "product": "New Relic One" -} -``` + } + ``` - - + From the response, identify and copy the permission IDs where `feature` is `"Scorecards"` or `"Scorecards Rules"` and `category` matches the access level you want to grant. You'll need these IDs in the next step. + -Fetch your organization ID to use in various mutations further. + + ## Retrieve your organization ID + Retrieve your organization ID, which you'll use in subsequent mutations. -#### Sample request + #### Sample request -```graphql -{ - actor { - organization { - id - } - } -} -``` - - #### Sample response - - ```json - { - "data": { - "actor": { - "organization": { - "id": "xxx****xxx-xx**00**-xxx-x*x*-xx**XXX**XX" + ```graphql + { + actor { + organization { + id } } } - } - ``` + ``` -Copy the organization ID and keep it aside to create a role. + #### Sample response - - + ```json + { + "data": { + "actor": { + "organization": { + "id": "YOUR_ORGANIZATION_ID" + } + } + } + } + ``` -Run the `customRoleCreate` mutation to create your own custom role. + Copy your organization ID from the response. You'll need it to create the custom role. + + + ## Create the custom role -#### Input parameters + Use the `customRoleCreate` mutation to create your custom role for Scorecards management. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterData TypeIs it Required?Description
`id`StringYesThe organization ID copied in the previous step.
`type`StringYesSet the type to `organization`.
`name`StringYesThe name of the role.
`permissionIds`[Int]YesList the IDs for the feature identified using `customerAdministration` query for Scorecards and Scorecards rules.
`scope`StringYesSet the scope to `organization`.
+ #### Input parameters -#### Sample request + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterData TypeIs it Required?Description
`id`StringYesThe organization ID from the previous step.
`type`StringYesSet to `organization`.
`name`StringYesThe display name for the custom role.
`permissionIds`Array of IntegersYesThe Scorecards permission IDs identified in Step 1.
`scope`StringYesSet to `organization`.
-```graphql -mutation { - customRoleCreate( - container: { - id: "xxx****xxx-xx**00**-xxx-x*x*-xx**XXX**XX" - type: "organization" - } - name: "Scorecards manager" - permissionIds: [xxxxx, xxxxx] - scope: "organization" - ) { - id - } -} -``` - -#### Sample response - -```json -{ - "data": { - "customRoleCreate": { - "id": 9999999 + #### Sample request + + ```graphql + mutation { + customRoleCreate( + container: { + id: "YOUR_ORGANIZATION_ID" + type: "organization" + } + name: "Scorecards manager" + permissionIds: [xxxxx, xxxxx] + scope: "organization" + ) { + id + } } - } -} -``` + ``` - - - - - - - - - - - - - - - -
ParameterData TypeDescription
`id`IntThe custom role ID. Copy and keep this ID for future use.
+ #### Sample response - + ```json + { + "data": { + "customRoleCreate": { + "id": 9999999 + } + } + } + ``` - + Save the returned role ID — you'll need it to assign this role to a user group. + -After you have created the custom role, you must associate this role with a user group on the New Relic platform. + + ## Add the custom role to a user group -### Fetch the group ID + After creating the custom role, assign it to a user group in New Relic. -You can use `customerAdministration` query to retrieve the list of group IDs. + ### Retrieve group IDs + Use the `customerAdministration` query to get a list of available user groups. -#### Input parameters + #### Input parameters - - - - - - - - - - - - - - - - - -
ParameterData TypeIs it Required?Description
`id`StringYesThe organization ID copied in the previous step.
+ + + + + + + + + + + + + + + + + +
ParameterData TypeIs it Required?Description
`id`StringYesThe organization ID from the previous step.
-#### Sample request + #### Sample request -```graphql -{ - customerAdministration { - groups( - filter: { - organizationId: { eq: "xxx****xxx-xx**00**-xxx-x*x*-xx**XXX**XX" } - } - ) { - nextCursor - items { - id - name - users { + ```graphql + { + customerAdministration { + groups( + filter: { + organizationId: { eq: "YOUR_ORGANIZATION_ID" } + } + ) { + nextCursor items { id - email + name + users { + items { + id + email + } + } } } } } - } -} -``` + ``` -From the displayed list of group IDs, copy the desired group ID to associate the custom Scorecard role you created earlier. - -### Add the rule to a user group + From the response, copy the group ID for the group you want to assign the Scorecards role to. -You can use `authorizationManagementGrantAccess` mutation to add the role to a user group. + ### Assign the role to the group + Use the `authorizationManagementGrantAccess` mutation to assign the custom role to a user group. -#### Input parameters + #### Input parameters - - - - - - - - - - - - - - - - - - - - - - - -
ParameterData TypeIs it Required?Description
`roleId`StringYesThe custom role ID created in the Custom role section.
`groupId`StringNoThe group ID retrieved in the previous step.
+ + + + + + + + + + + + + + + + + + + + + + + +
ParameterData TypeIs it Required?Description
`roleId`StringYesThe custom role ID from the previous step.
`groupId`StringYesThe group ID retrieved above.
-#### Sample request + #### Sample request -```graphql -mutation { - authorizationManagementGrantAccess( - grantAccessOptions: { - organizationAccessGrants: { roleId: "99999999" } - groupId: "xxx****xxx-xx**00**-xxx-x*x*-xx**XXX**XX" - } - ) { - roles { - id - name - organizationId - roleId - groupId - displayName + ```graphql + mutation { + authorizationManagementGrantAccess( + grantAccessOptions: { + organizationAccessGrants: { roleId: "YOUR_ROLE_ID" } + groupId: "YOUR_GROUP_ID" + } + ) { + roles { + id + name + organizationId + roleId + groupId + displayName + } + } } - } -} -``` - -#### Sample response - -```json -{ - "data": { - "authorizationManagementGrantAccess": { - "roles": [ - { - "displayName": "Scorecards manager", - "groupId": null, - "id": "99999999", - "name": "scorecards_manager", - "organizationId": "xxx****xxx-xx**00**-xxx-x*x*-xx**XXX**XX", - "roleId": 99999 + ``` + + #### Sample response + + ```json + { + "data": { + "authorizationManagementGrantAccess": { + "roles": [ + { + "displayName": "Scorecards manager", + "groupId": null, + "id": "99999999", + "name": "scorecards_manager", + "organizationId": "YOUR_ORGANIZATION_ID", + "roleId": 99999 + } + ] } - ] + } } - } -} -``` + ``` + + - - +## Manage existing custom roles [#manage-roles] + + + Use the `customRoleUpdate` mutation to rename a role or replace its permission set. + + ```graphql + mutation { + customRoleUpdate( + id: ROLE_ID + name: "Updated role name" + permissionIds: [xxxxx, xxxxx] + ) { + id + } + } + ``` + + + + + + + + + + + + + + + + + + + + + + +
ParameterDescription
`id`The ID of the role to update.
`name`New display name for the role.
`permissionIds`Full replacement list of permission IDs. This replaces all existing permissions on the role.
+ -## Check the new role in New Relic platform [#check-role] + + Use the `customRoleDelete` mutation to permanently remove a custom role. -You can validate if the scorecard role is reflecting in the New Relic platform. + ```graphql + mutation { + customRoleDelete(id: ROLE_ID) { + id + } + } + ``` -**To check the role:** + The response returns the ID of the deleted role, confirming successful deletion. + -1. Log in to your new relic account. -2. Click on your name at the bottom left. -3. Go to **Administration > Access Management**. -4. Click the **Grants** tab: - You can see the custom role you created in the list of roles: + + Use the following query to look up a role ID by browsing your organization's groups and their assigned roles. - A diagram showing a custom Scorecards Manager role to manage Scorecards + ```graphql + { + actor { + organization { + authorizationManagement { + authenticationDomains(id: "YOUR_AUTHENTICATION_DOMAIN_ID") { + authenticationDomains { + groups { + groups { + displayName + id + roles { + roles { + roleId + name + } + } + } + } + } + } + } + } + } + } + ``` + + +For more information about Scorecards, see the [Scorecards documentation](/docs/service-architecture-intelligence/scorecards/getting-started/). diff --git a/src/content/docs/apis/nerdgraph/examples/nerdgraph-scorecards-tutorial.mdx b/src/content/docs/apis/nerdgraph/examples/nerdgraph-scorecards-tutorial.mdx index 279ab51487a..430df251909 100644 --- a/src/content/docs/apis/nerdgraph/examples/nerdgraph-scorecards-tutorial.mdx +++ b/src/content/docs/apis/nerdgraph/examples/nerdgraph-scorecards-tutorial.mdx @@ -11,7 +11,7 @@ freshnessValidatedDate: never New Relic lets you to use NerdGraph [Scorecards](/docs/service-architecture-intelligence/scorecards/getting-started) GraphQL mutations to manage Scorecards and rules. These mutations let you create, update, delete, and retrieve Scorecards and their associated rules in your existing workflows and integrations. -This tutorial provides examples of how to use NerdGraph to manage Scorecards and rules. You can use these examples to automate Scorecard management tasks, such as creating Scorecards, adding rules, and updating Scorecard details. +This tutorial provides examples of how to use NerdGraph to manage Scorecards and rules. You can use these examples to automate Scorecard management tasks, such as creating Scorecards, adding rules, and updating Scorecard details. If you need to set up custom permissions for managing Scorecards, see [Create custom roles for Scorecards](/docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial). ## Mutations [#mutations] diff --git a/src/content/docs/apis/nerdgraph/examples/nerdgraph-teams-custom-role-tutorial.mdx b/src/content/docs/apis/nerdgraph/examples/nerdgraph-teams-custom-role-tutorial.mdx index 63ce0cbe339..953e5d7e411 100644 --- a/src/content/docs/apis/nerdgraph/examples/nerdgraph-teams-custom-role-tutorial.mdx +++ b/src/content/docs/apis/nerdgraph/examples/nerdgraph-teams-custom-role-tutorial.mdx @@ -1,5 +1,5 @@ --- -title: "NerdGraph tutorial: Create custom role for Teams" +title: "Create custom roles for Teams" tags: - Teams - APIs @@ -10,54 +10,98 @@ metaDescription: How to use New Relic NerdGraph API to create a custom role to c freshnessValidatedDate: never --- - - We're still working on this feature, but we'd love for you to try it out! - - This feature is currently provided as part of a preview program pursuant to our [pre-release policies](/docs/licenses/license-information/referenced-policies/new-relic-pre-release-policy). - - - New Relic Teams lets you connect the entities you're monitoring to the teams who own them. When you can easily see who owns an entity, you can speed up troubleshooting, enhance team collaboration, and improve your operational efficiency. -## Default Teams access +## Default Teams access [#default-access] New Relic provides default access to Teams through these standard roles: -* **Read Access**: All users have read access to Teams, including metadata such as contact information, team members, and other relevant details. -* **Modify Teams**: Users with the **Organization Product Admin** role can modify Teams. This is a new role assigned to all users who currently have the **All Product Admin** role. -* **Create & Delete Teams**: Users with **Organization Manager** or **Authentication Manager** roles can create and delete Teams. - - -You might need a custom role if the default permissions don't meet your organization's needs. This tutorial shows you how to use NerdGraph GraphQL mutations to create a custom role for managing Teams. + + + + + + + + + + + + + + + + + + + + + +
ActionRequired role
View teams[**Organization read only**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles)
Modify teams[**Organization Product Admin**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles)
Create and delete teams[**Organization Manager**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles) or [**Authentication Manager**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles)
-### Process overview +You might need a custom role if the default permissions don't meet your organization's needs. -To create a Teams administrator custom role, you'll need to: +## Teams capabilities [#capabilities] -1. [Find the required permission IDs for Teams](#retrieve-organization-scoped-capabilities) -2. [Retrieve your organization ID](#retrieve-your-organization-id) -3. [Create the custom role for Teams administrator](#create-custom-role) -4. [Add the custom role to a user group](#add-custom-role-to-a-user-group) +When building a custom role for Teams, use the permissions below. Teams permissions are organization-scoped. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
CapabilityPermission identifier
Read teams`teams.read.team`
Delete teams`teams.delete.team`
Create teams`teams.create.team`
Modify teams`teams.update.team`
Read access to the automations/settings page`teams.read.organization_settings`
Modify access to the automations/settings page`teams.manage.organization_settings`
Create teams from IdP user groups (for example, Okta)`authentication_domain.read.groups`
-## Prerequisites +## Prerequisites [#prerequisites] Before you begin, ensure you have: * [General NerdGraph requirements](/docs/apis/nerdgraph/get-started/introduction-new-relic-nerdgraph/#authentication) -* Organization Admin with `Authentication Domain Manager` role to create custom roles - +* Organization Admin with `Authentication Domain Manager` role to create custom roles -## Mutations [#mutations] + +You can also create a custom role for Teams through the UI. For the permissions to select and the scope to use, see [Teams capabilities](/docs/service-architecture-intelligence/teams/teams/#teams-capabilities). + -New Relic provides various NerdGraph mutations to create custom role for Team managers. +To create a custom role via the NerdGraph API, perform the following steps: - - - Use the `customerAdministration` query to retrieve a list of capabilities, their permission IDs, and related information. + + + ## Find the required permission IDs for Teams + Use the `customerAdministration` query to retrieve a list of capabilities, their permission IDs, and related information. Filter by `scope: "organization"` to get Teams permissions. #### Input parameters @@ -83,333 +127,399 @@ New Relic provides various NerdGraph mutations to create custom role for Team ma #### Sample request ```graphql - { + { customerAdministration { permissions(filter: {scope: {eq: "organization"}}) { - items { - feature - category - id - product - } + items { + feature + category + id + product } } } - + } ``` #### Sample response - ```graphql - { - "data": { - "customerAdministration": { - "permissions": { - "items": [ - { - "category": "READ", - "feature": "Teams", - "id": "xxxxx", - "product": "New Relic One" - }, - { - "category": "OTHER", - "feature": "Teams", - "id": "xxxxxx", - "product": "New Relic One" - }, - { - "category": "DELETE", - "feature": "Teams", - "id": "xxxxx", - "product": "New Relic One" - }, - { - "category": "MODIFY", - "feature": "Teams", - "id": "xxxxxx", - "product": "New Relic One" - } - ] - } + ```json + { + "data": { + "customerAdministration": { + "permissions": { + "items": [ + { + "category": "READ", + "feature": "Teams", + "id": "xxxxx", + "product": "New Relic One" + }, + { + "category": "OTHER", + "feature": "Teams", + "id": "xxxxxx", + "product": "New Relic One" + }, + { + "category": "DELETE", + "feature": "Teams", + "id": "xxxxx", + "product": "New Relic One" + }, + { + "category": "MODIFY", + "feature": "Teams", + "id": "xxxxxx", + "product": "New Relic One" + } + ] } } } - + } ``` - **Next step**: From the response, identify and copy the permission IDs where: - * `category: "MANAGE"` (or the appropriate category for your needs) - * `feature: "Teams"` - - You'll need these IDs for the next step. - + From the response, identify and copy the permission IDs where `feature` is `"Teams"` and the `category` matches the access level you want to grant. You'll need these IDs in the next step. + + + ## Retrieve your organization ID - - - -Retrieve your organization ID, which you'll use in subsequent mutations. + Retrieve your organization ID, which you'll use in subsequent mutations. -#### Sample request + #### Sample request -```graphql - { - actor { - organization { - id + ```graphql + { + actor { + organization { + id + } } } - } - - ``` + ``` - #### Sample response + #### Sample response - ```graphql - { - "data": { - "actor": { - "organization": { - "id": "xxx****xxx-xx**00**-xxx-x*x*-xx**XXX**XX" + ```json + { + "data": { + "actor": { + "organization": { + "id": "YOUR_ORGANIZATION_ID" + } } } } - } - - ``` - - **Next step**: Copy your organization ID from the response. You'll need it to create the custom role. - - - + ``` -Use the `customRoleCreate` mutation to create your custom role for Teams management. + Copy your organization ID from the response. You'll need it to create the custom role. + + + ## Create the custom role -#### Input parameters + Use the `customRoleCreate` mutation to create your custom role for Teams management. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterData TypeIs it Required?Description
`id`StringYesThe organization ID copied in the previous step.
`type`StringYesSet the type to `organization`.
`name`StringYesThe name of the role.
`permissionIds`Array of IntegersYesThe permission IDs for Teams features identified in the first step.
`scope`StringYesSet the scope to `organization`.
- -#### Sample request - -```graphql - -mutation { - customRoleCreate( - container: {id: "xxx****xxx-xx**00**-xxx-x*x*-xx**XXX**XX", type: "organization"} - name: "Teams manager" - permissionIds: [xxxxx, xxxxx] - scope: "organization" - ) { - id - } -} + #### Input parameters -``` -#### Sample response + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ParameterData TypeIs it Required?Description
`id`StringYesThe organization ID from the previous step.
`type`StringYesSet to `organization`.
`name`StringYesThe display name for the custom role.
`permissionIds`Array of IntegersYesThe Teams permission IDs identified in Step 1.
`scope`StringYesSet to `organization`.
-```graphql + #### Sample request -{ - "data": { - "customRoleCreate": { - "id": 9999999 + ```graphql + mutation { + customRoleCreate( + container: { + id: "YOUR_ORGANIZATION_ID" + type: "organization" + } + name: "Teams manager" + permissionIds: [xxxxx, xxxxx] + scope: "organization" + ) { + id + } } - } -} - -``` - -**Next step**: Save the returned role ID. You'll need it to assign this role to a user group. + ``` - + #### Sample response - + ```json + { + "data": { + "customRoleCreate": { + "id": 9999999 + } + } + } + ``` -After creating the custom role, you need to assign it to a user group in New Relic. + Save the returned role ID — you'll need it to assign this role to a user group. + -### Step 1: Retrieve group IDs + + ## Add the custom role to a user group -Use the `customerAdministration` query to get a list of available user groups. + After creating the custom role, assign it to a user group in New Relic. + ### Retrieve group IDs -#### Input parameters + Use the `customerAdministration` query to get a list of available user groups. - - - - - - - - - - - - - - - - - -
ParameterData TypeIs it Required?Description
`id`StringYesThe organization ID copied in the previous step.
+ #### Input parameters -#### Sample request + + + + + + + + + + + + + + + + + +
ParameterData TypeIs it Required?Description
`id`StringYesThe organization ID from the previous step.
-```graphql + #### Sample request -{ - customerAdministration { - groups(filter: {organizationId: {eq: "xxx****xxx-xx**00**-xxx-x*x*-xx**XXX**XX"}}) { - nextCursor - items { - id - name - users { + ```graphql + { + customerAdministration { + groups( + filter: { + organizationId: { eq: "YOUR_ORGANIZATION_ID" } + } + ) { + nextCursor items { id - email + name + users { + items { + id + email + } + } } } } } - } -} + ``` -``` + From the response, copy the group ID for the group you want to assign the Teams role to. -**Next step**: From the response, copy the group ID for the group you want to assign the Teams role to. - -### Step 2: Assign the role to a user group + ### Assign the role to the group -Use the `authorizationManagementGrantAccess` mutation to assign the custom role to a user group. + Use the `authorizationManagementGrantAccess` mutation to assign the custom role to a user group. + #### Input parameters -#### Input parameters + + + + + + + + + + + + + + + + + + + + + + + +
ParameterData TypeIs it Required?Description
`roleId`StringYesThe custom role ID from the previous step.
`groupId`StringYesThe group ID retrieved above.
- - - - - - - - - - - - - - - - - - - - - - - -
ParameterData TypeIs it Required?Description
`roleId`StringYesThe custom role ID from the previous step.
`groupId`StringYesThe group ID from Step 1.
+ #### Sample request -#### Sample request - -```graphql -mutation { - authorizationManagementGrantAccess( - grantAccessOptions: {organizationAccessGrants: {roleId: "99999999"}, groupId: "xxx****xxx-xx**00**-xxx-x*x*-xx**XXX**XX"} - ) { - roles { - id - name - organizationId - roleId - groupId - displayName + ```graphql + mutation { + authorizationManagementGrantAccess( + grantAccessOptions: { + organizationAccessGrants: { roleId: "YOUR_ROLE_ID" } + groupId: "YOUR_GROUP_ID" + } + ) { + roles { + id + name + organizationId + roleId + groupId + displayName + } + } } - } -} - -``` - -#### Sample response - -```graphql -{ - "data": { - "authorizationManagementGrantAccess": { - "roles": [ - { - "displayName": "Teams manager", - "groupId": null, - "id": "99999999", - "name": "teams_manager", - "organizationId": "xxx****xxx-xx**00**-xxx-x*x*-xx**XXX**XX", - "roleId": 99999 + ``` + + #### Sample response + + ```json + { + "data": { + "authorizationManagementGrantAccess": { + "roles": [ + { + "displayName": "Teams manager", + "groupId": null, + "id": "99999999", + "name": "teams_manager", + "organizationId": "YOUR_ORGANIZATION_ID", + "roleId": 99999 + } + ] } - ] + } + } + ``` + + + +## Manage existing custom roles [#manage-roles] + + + + Use the `customRoleUpdate` mutation to rename a role or replace its permission set. + + ```graphql + mutation { + customRoleUpdate( + id: ROLE_ID + name: "Updated role name" + permissionIds: [xxxxx, xxxxx] + ) { + id + } } - } -} + ``` -``` + + + + + + + + + + + + + + + + + + + + + +
ParameterDescription
`id`The ID of the role to update.
`name`New display name for the role.
`permissionIds`Full replacement list of permission IDs. This replaces all existing permissions on the role.
 - -## What's next + + Use the `customRoleDelete` mutation to permanently remove a custom role. + + ```graphql + mutation { + customRoleDelete(id: ROLE_ID) { + id + } + } + ``` + + The response returns the ID of the deleted role, confirming successful deletion. + -After successfully creating and assigning your custom Teams role, users in the assigned group will have the permissions you configured. You can: + + Use the following query to look up a role ID by browsing your organization's groups and their assigned roles. -* Monitor the role's usage through your organization's user management -* Modify the role permissions if needed using similar NerdGraph mutations -* Create additional custom roles for different levels of Teams access + ```graphql + { + actor { + organization { + authorizationManagement { + authenticationDomains(id: "YOUR_AUTHENTICATION_DOMAIN_ID") { + authenticationDomains { + groups { + groups { + displayName + id + roles { + roles { + roleId + name + } + } + } + } + } + } + } + } + } + } + ``` + + -For more information about Teams, see our [Teams documentation](/docs/service-architecture-intelligence/teams/teams/). +For more information about Teams, see the [Teams documentation](/docs/service-architecture-intelligence/teams/teams/). diff --git a/src/content/docs/apis/nerdgraph/examples/nerdgraph-teams-tutorial.mdx b/src/content/docs/apis/nerdgraph/examples/nerdgraph-teams-tutorial.mdx index 0753cfbf21c..3e748b3efe9 100644 --- a/src/content/docs/apis/nerdgraph/examples/nerdgraph-teams-tutorial.mdx +++ b/src/content/docs/apis/nerdgraph/examples/nerdgraph-teams-tutorial.mdx @@ -11,7 +11,7 @@ freshnessValidatedDate: never As an alternative to setting up New Relic teams in the UI, you can set them up programmatically with our NerdGraph API. -For an easy way to get started, use our [NerdGraph API explorer](/docs/apis/nerdgraph/get-started/nerdgraph-explorer) to create and edit teams information. Definitions are available in NerdGraph for each of the fields in the examples below. If you need help using the GraphiQL IDE, see our [NerdGraph API explorer tutorial](/docs/apis/nerdgraph/get-started/nerdgraph-explorer/). +For an easy way to get started, use our [NerdGraph API explorer](/docs/apis/nerdgraph/get-started/nerdgraph-explorer) to create and edit teams information. Definitions are available in NerdGraph for each of the fields in the examples below. If you need help using the GraphiQL IDE, see our [NerdGraph API explorer tutorial](/docs/apis/nerdgraph/get-started/nerdgraph-explorer/). If you need to set up custom permissions for managing Teams, see [Create custom roles for Teams](/docs/apis/nerdgraph/examples/nerdgraph-teams-custom-role-tutorial). ## Create a team [#create-a-team] @@ -362,7 +362,6 @@ mutation { } ``` - diff --git a/src/content/docs/nrql/get-started/query-entities-and-relationships-via-nrql.mdx b/src/content/docs/nrql/get-started/query-entities-and-relationships-via-nrql.mdx index e745c0f04f7..808d6232be5 100644 --- a/src/content/docs/nrql/get-started/query-entities-and-relationships-via-nrql.mdx +++ b/src/content/docs/nrql/get-started/query-entities-and-relationships-via-nrql.mdx @@ -1,10 +1,10 @@ --- title: 'Entities & relationships via NRQL (E&R via NRQL)' -metaDescription: 'Learn how Advanced Compute customers can use NRQL to query entity and relationship data alongside telemetry for faster troubleshooting and better system insights.' +metaDescription: 'Learn how to use NRQL to query entity and relationship data alongside telemetry for faster troubleshooting and better system insights.' freshnessValidatedDate: 2024-03-19 --- -If you're an **Advanced Compute** customer, you can use **NRQL to directly query entity and relationship data in NRDB** alongside your telemetry data. This unified access enables faster troubleshooting and deeper system insights. +As a [Full platform user](/docs/accounts/accounts-billing/new-relic-one-user-management/user-type/#user-type-capabilities), you can use **NRQL to directly query entity and relationship data in NRDB** alongside your telemetry data. This unified access enables faster troubleshooting and deeper system insights. This document covers: diff --git a/src/content/docs/nrql/nrql-examples/query-entities-via-nrql.mdx b/src/content/docs/nrql/nrql-examples/query-entities-via-nrql.mdx index e40223e9afb..48ae13f6a82 100644 --- a/src/content/docs/nrql/nrql-examples/query-entities-via-nrql.mdx +++ b/src/content/docs/nrql/nrql-examples/query-entities-via-nrql.mdx @@ -6,7 +6,7 @@ freshnessValidatedDate: 2024-03-19 Streamline your system analysis by using New Relic Query Language (NRQL) to directly query entity and relationship data. This approach replaces cumbersome manual processes for crucial tasks like correlating CPU performance with host attributes, viewing past entity states, or tracking configuration changes, offering faster insights into your complex environments. -To query this data, you'll need Advanced Compute; use the Entity event type (and Relationships or entityRelationships for relationship-specific queries). +To query this data, use the `Entity` event type (and `Relationships` or `entityRelationships` for relationship-specific queries). New to querying entities & relationships with NRQL? Learn about the [concepts and benefits of E&R via NRQL](/docs/nrql/get-started/query-entities-and-relationships-via-nrql) before exploring these examples. diff --git a/src/content/docs/service-architecture-intelligence/catalogs/applications-catalog.mdx b/src/content/docs/service-architecture-intelligence/catalogs/applications-catalog.mdx index c4a0a6a69c3..3d3ee61d625 100644 --- a/src/content/docs/service-architecture-intelligence/catalogs/applications-catalog.mdx +++ b/src/content/docs/service-architecture-intelligence/catalogs/applications-catalog.mdx @@ -27,7 +27,7 @@ The current New Relic Applications catalog experience supports the following ent **Prerequisite:** -- Enable catalogs in your New Relic account. For more information, see [Enable the catalogs](/docs/service-architecture-intelligence/catalogs/catalogs/#enable-catalogs). +- Catalogs is automatically enabled for Full platform users. For more information, see [Catalogs availability](/docs/service-architecture-intelligence/catalogs/catalogs/#availability). **To access the Applications catalog inventory:** diff --git a/src/content/docs/service-architecture-intelligence/catalogs/catalogs.mdx b/src/content/docs/service-architecture-intelligence/catalogs/catalogs.mdx index fe8d9439a8c..1d3f1c824e8 100644 --- a/src/content/docs/service-architecture-intelligence/catalogs/catalogs.mdx +++ b/src/content/docs/service-architecture-intelligence/catalogs/catalogs.mdx @@ -14,13 +14,13 @@ New Relic Catalogs provides a single-pane view that enhances the observability a With Catalogs, you can quickly identify and focus on the most relevant information, ensuring easy access to what matters most. It serves as the single source of truth, enabling users to discover, manage, and optimize their systems with confidence. -By consolidating data from multiple sources—including [Teams](/docs/service-architecture-intelligence/teams/teams), [Scorecards](/docs/service-architecture-intelligence/scorecards/getting-started), [Maps](/docs/service-architecture-intelligence/maps/advanced-maps/), and repository into a single interface, Catalogs replaces the All Entities view, offering a more structured and insightful experience. It provides a comprehensive overview of high-value entities, enriched with detailed metadata and actionable insights, helping teams stay aligned and efficient. +By consolidating data from multiple sources—including [Teams](/docs/service-architecture-intelligence/teams/teams), [Scorecards](/docs/service-architecture-intelligence/scorecards/getting-started), [Maps](/docs/service-architecture-intelligence/maps/advanced-maps/), and [repository](/docs/service-architecture-intelligence/github-integrations/github-cloud-integration/) into a single interface, Catalogs replaces the All Entities view, offering a more structured and insightful experience. It provides a comprehensive overview of high-value entities, enriched with detailed metadata and actionable insights, helping teams stay aligned and efficient. ## Key features [#features] -- Unified view: Catalogs is integrated with various sources such as [Teams](/docs/service-architecture-intelligence/teams/teams), [Scorecards](/docs/service-architecture-intelligence/scorecards/getting-started), [Maps](/docs/service-architecture-intelligence/maps/advanced-maps/), and repository into a single cohesive interface. This displays high-value entity types with detailed metadata including golden metrics and insights to provide a deeper understanding of system status. +- Unified view: Catalogs is integrated with various sources such as [Teams](/docs/service-architecture-intelligence/teams/teams), [Scorecards](/docs/service-architecture-intelligence/scorecards/getting-started), [Maps](/docs/service-architecture-intelligence/maps/advanced-maps/), and [repository](/docs/service-architecture-intelligence/github-integrations/github-cloud-integration/) into a single cohesive interface. This displays high-value entity types with detailed metadata including golden metrics and insights to provide a deeper understanding of system status. - Personalized experience: Allows users to customize their view to focus on the most relevant content. This helps users to streamline workflows and enhance productivity. @@ -33,39 +33,36 @@ By consolidating data from multiple sources—including [Teams](/docs/servi ## Getting started [#getting-started] -### Prerequisites [#prerequisites] + -Catalogs is available for free to all users on [Advanced Compute pricing](/docs/licenses/license-information/usage-plans/new-relic-one-usage-plan-descriptions/#list-price) who have enabled at least one of the following products in the [Feature Control Management UI](http://one.newrelic.com/admin-portal/feature-control-management/home): +### Availability [#availability] -- **[Scorecards](/docs/service-architecture-intelligence/scorecards/getting-started/)**: Evaluate your entities against company-defined best practices. -- **[Teams](/docs/service-architecture-intelligence/teams/teams/)**: Organize and manage entity ownership across your organization. -- **[Transaction 360](/docs/apm/transactions/workload-performance-monitoring/introduction/)**: Get comprehensive insights into your application transactions. +Catalogs is available for all [Full platform users](/docs/accounts/accounts-billing/new-relic-one-user-management/user-type/#user-type-capabilities) and is automatically enabled. On the [Data + Core Compute](/docs/accounts/accounts-billing/new-relic-one-pricing-billing/new-relic-one-pricing-billing/) pricing model, all users are Full platform users and have access to Catalogs. Core and Basic users in a User pricing model continue to see All Entities. -When these conditions are met, Catalogs automatically replaces All Entities as your default experience, unless you've explicitly opted out and set All Entities as your default. +[Full platform users](/docs/accounts/accounts-billing/new-relic-one-user-management/user-type/#user-type-capabilities) can switch between Catalogs and All Entities: click **Switch back to all entities** from the Catalogs view to go to All Entities, or click **Try It Now** from the All Entities page to return to Catalogs. -Want to know more about Catalogs and how to enable it? [Contact our sales team](https://newrelic.com/contact-sales) for more information. +### Roles and permissions [#roles-permissions] -### Enable the Catalogs [#enable-catalogs] +Catalogs is a read-only experience. The following role is required to view catalog entries. -**To manually enable the catalogs inventory:** - -1. Log in to your New Relic platform. -2. Go to the **left navigation pane > All Entities**. -3. Click the **Try It Now** button. -4. Follow the on-screen instructions and accept the terms and conditions to complete the onboarding. - - After you complete onboarding, the Catalogs page displays, replacing the All Entities page. - - - {/* Catalog */} + + + + + + + + + + + + + +
ActionRequired role
View catalog entries[**Organization read only**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles)
- - To go back to the All Entities page, see [Back to All Entities](#back-entities). - + +There are no create, update, or delete operations available within Catalogs. For more information on the overall SAI role model, see [SAI Getting Started](/docs/service-architecture-intelligence/getting-started/#roles-permissions). + ### Personalize the view [#personalized-view] diff --git a/src/content/docs/service-architecture-intelligence/catalogs/infrastructure-catalog.mdx b/src/content/docs/service-architecture-intelligence/catalogs/infrastructure-catalog.mdx index 2c66232b656..87dca66e9cc 100644 --- a/src/content/docs/service-architecture-intelligence/catalogs/infrastructure-catalog.mdx +++ b/src/content/docs/service-architecture-intelligence/catalogs/infrastructure-catalog.mdx @@ -30,7 +30,7 @@ The Infrastructure catalog is available in the New Relic platform, providing a c **Prerequisites:** -* Enable Catalogs in your New Relic account. For more information, see [Enable the Catalogs](https://docs.newrelic.com/docs/service-architecture-intelligence/catalogs/catalogs/#enable-catalogs). +* Catalogs is automatically enabled for Full platform users. For more information, see [Catalogs availability](/docs/service-architecture-intelligence/catalogs/catalogs/#availability). * (Recommended) Turn on [Autodiscovery](/docs/infrastructure/amazon-integrations/connect/set-up-auto-discovery-of-aws-entities/) to see how your applications connect to their underlying infrastructure resources. This helps you get more value from the Infrastructure catalog. **To access the Infrastructure catalog inventory:** diff --git a/src/content/docs/service-architecture-intelligence/catalogs/repository-catalog.mdx b/src/content/docs/service-architecture-intelligence/catalogs/repository-catalog.mdx index 06da08aa7f6..c43a4f9d13d 100644 --- a/src/content/docs/service-architecture-intelligence/catalogs/repository-catalog.mdx +++ b/src/content/docs/service-architecture-intelligence/catalogs/repository-catalog.mdx @@ -28,7 +28,7 @@ The Repository catalog is a tool designed to centralize and streamlin **Prerequisite:** -- Enable Catalogs in your New Relic account. For more information, see [Enable the Catalogs](/docs/service-architecture-intelligence/catalogs/catalogs/#enable-catalogs). +- Catalogs is automatically enabled for Full platform users. For more information, see [Catalogs availability](/docs/service-architecture-intelligence/catalogs/catalogs/#availability). **To access the Repository catalog inventory:** diff --git a/src/content/docs/service-architecture-intelligence/getting-started.mdx b/src/content/docs/service-architecture-intelligence/getting-started.mdx index 1e08f4db8f8..d489057a563 100644 --- a/src/content/docs/service-architecture-intelligence/getting-started.mdx +++ b/src/content/docs/service-architecture-intelligence/getting-started.mdx @@ -1,12 +1,12 @@ --- title: "Getting Started with Service Architecture Intelligence" metaDescription: "Learn more about Service Architecture Intelligence in New Relic One." -tags: ["service architecture intelligence", "New Relic One", "service catalog", "scorecards", "catalog", "inventory catalog", "repository catalog", "infrastructure catalog", "team"] +tags: ["service architecture intelligence", "New Relic One", "service catalog", "scorecards", "catalog", "inventory catalog", "repository catalog", "infrastructure catalog", "team", "internal developer portal", "IDP", "New Relic IDP", "developer portal", "platform engineering", "engineering portal"] freshnessValidatedDate: never --- -Service Architecture Intelligence provides a centralized view of your organization's services and operations. It enhances productivity by offering tools for effective resource management, operational optimization, and compliance assurance. The Service Architecture Intelligence has integrated various capabilities, including team management, system observability, performance evaluation, and infrastructure visualization, to streamline processes and improve collaboration across teams. +Service Architecture Intelligence is New Relic's Internal Developer Portal (IDP) which provides a centralized view of your organization's services and operations. Available for all [Full platform users](/docs/accounts/accounts-billing/new-relic-one-user-management/user-type/#user-type-capabilities), it enhances productivity by offering tools for effective resource management, operational optimization, and compliance assurance. Service Architecture Intelligence integrates various capabilities—including team management, system observability, performance evaluation, and infrastructure visualization—to streamline processes and improve collaboration across teams. ## Capabilities [#capabilities] @@ -23,3 +23,37 @@ The Service Architecture Intelligence offers the following capabilities: - [Scorecards:](/docs/service-architecture-intelligence/scorecards/getting-started) New Relic Scorecards evaluate team or group performance against predefined rules and custom metrics. They provide a standardized and structured approach to software development, helping organizations adhere to a well-defined engineering strategy. - [Maps:](/docs/service-architecture-intelligence/maps/advanced-maps) The new map experience provides a unified and integrated view of your cloud estate, allowing seamless navigation and exploration of services and infrastructure. It integrates tracing, infrastructure, and performance data into a cohesive experience, addressing limitations of the previous service map. + +## User roles and permissions [#roles-permissions] + +To access SAI features, users must have the appropriate organization-level roles. All SAI products require at minimum the [**Organization read only**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles) role (organization-scoped) for read access. + +Write access (create, update, delete) is available for **Teams**, **Scorecards**, and **GitHub integration**. See the individual product pages below for specific role requirements. + + + + + + + + + + + + + + + + + + + + + +
Access levelRequired roleApplies to
Read (view)Organization read onlyAll SAI products
Write (create, update, delete)Varies by productTeams, Scorecards, GitHub integration
+ +For detailed role breakdowns and custom role guidance, see the individual product pages: +- [Teams roles and permissions](/docs/service-architecture-intelligence/teams/teams/#roles-permissions) +- [Catalogs roles and permissions](/docs/service-architecture-intelligence/catalogs/catalogs/#roles-permissions) +- [Scorecards roles and permissions](/docs/service-architecture-intelligence/scorecards/getting-started/#roles-permissions) +- [Maps roles and permissions](/docs/service-architecture-intelligence/maps/advanced-maps/#roles-permissions) diff --git a/src/content/docs/service-architecture-intelligence/maps/advanced-maps.mdx b/src/content/docs/service-architecture-intelligence/maps/advanced-maps.mdx index e8d47851dae..b7a6a9790a8 100644 --- a/src/content/docs/service-architecture-intelligence/maps/advanced-maps.mdx +++ b/src/content/docs/service-architecture-intelligence/maps/advanced-maps.mdx @@ -14,17 +14,17 @@ freshnessValidatedDate: never * **Comprehensive visualization**: View your entire digital landscape that shows all your services and infrastructure in one place. This visualization helps you quickly grasp complex architectures and make informed decisions about your cloud environment. -* **Automatic Resource Detection**: With [auto-discovery](/docs/infrastructure/amazon-integrations/connect/set-up-auto-discovery-of-aws-entities/), Maps automatically identifies new resources and their relationships. This feature ensures your data is always current, reducing the time and effort needed to manually update and track changes in your cloud estate. +* **Automatic Resource Detection**: With [auto-discovery](/docs/infrastructure/amazon-integrations/connect/set-up-auto-discovery-of-aws-entities/), Maps automatically identifies new resources and their relationships. This feature ensures your data is always current, reducing the time and effort needed to manually update and track changes in your cloud estate. -## Service map (old) vs. Maps [#differences] +## Service map (old) vs. Maps [#differences] - + @@ -67,12 +67,35 @@ freshnessValidatedDate: never
Feature Service mapMapsMaps
-## Prerequisites for Maps access [#prerequisites] -To experience the new map features, you must [opt in](/docs/accounts/accounts-billing/new-relic-one-user-management/feature-control-manager) for one of the following product capabilities. Opting in automatically enables **Maps**. -* [Transaction 360](/docs/apm/transactions/workload-performance-monitoring/introduction) -* [Scorecard](/docs/service-architecture-intelligence/scorecards/getting-started) -* [Teams](/docs/service-architecture-intelligence/teams/teams) +## Availability [#availability] +Maps is available for all [Full platform users](/docs/accounts/accounts-billing/new-relic-one-user-management/user-type/#user-type-capabilities). On the [Data + Core Compute](/docs/accounts/accounts-billing/new-relic-one-pricing-billing/new-relic-one-pricing-billing/) pricing model, all users are Full platform users and have access to Maps. Core and Basic users in a User pricing model continue to get the old maps experience. + +If you're a Full platform user and want to switch back to the old maps experience, click **Switch back for now** from the map view. + + +## Roles and permissions [#roles-permissions] + +Maps is a read-only experience. The following role is required to view maps. + + + + + + + + + + + + + + +
ActionRequired role
View maps[**Organization read only**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles)
+ + +There are no create, update, or delete operations available within Maps. For more information on the overall SAI role model, see [SAI Getting Started](/docs/service-architecture-intelligence/getting-started/#roles-permissions). + ## Map components [#map-components] diff --git a/src/content/docs/service-architecture-intelligence/scorecards/getting-started.mdx b/src/content/docs/service-architecture-intelligence/scorecards/getting-started.mdx index 3de2aed1f4a..33025b8d531 100644 --- a/src/content/docs/service-architecture-intelligence/scorecards/getting-started.mdx +++ b/src/content/docs/service-architecture-intelligence/scorecards/getting-started.mdx @@ -6,16 +6,70 @@ freshnessValidatedDate: never --- Scorecards are designed to help organizations adhere to a well-defined engineering strategy by providing a standardized and structured approach to software development. -You can use Scorecards in New Relic to evaluate team or group performance against predefined rules and custom metrics. Scorecards help organizations adhere to a well-defined engineering strategy by providing a standardized and structured approach to software development. By transforming strategic goals into measurable outcomes, Scorecards facilitate continuous improvement and informed decision-making. - - -Scorecards are available only to the [Advanced Compute](https://newrelic.com/pricing/compute#pricing_plan-compute) customers. When you use Scorecards, you also get access to the following capabilities: - -* [Catalogs](https://docs.newrelic.com/docs/service-architecture-intelligence/catalogs/catalogs/) -* [Maps](https://docs.newrelic.com/docs/service-architecture-intelligence/maps/advanced-maps/) +You can use Scorecards in New Relic to evaluate team or group performance against predefined rules and custom metrics. By transforming strategic goals into measurable outcomes, Scorecards facilitate continuous improvement and informed decision-making. + +## Availability [#availability] + +Scorecards is available for all [Full platform users](/docs/accounts/accounts-billing/new-relic-one-user-management/user-type/#user-type-capabilities). Core and Basic users don't have access to Scorecards. On the [Data + Core Compute](/docs/accounts/accounts-billing/new-relic-one-pricing-billing/new-relic-one-pricing-billing/) pricing model, all users are Full platform users and have access to Scorecards. + +## Roles and permissions [#roles-permissions] + +The following roles determine what actions users can perform in Scorecards. + + + + + + + + + + + + + + + + + + +
ActionRequired role
View Scorecards[**Organization read only**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles)
Create, update, and delete Scorecards and rules[**Organization Product Admin**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles) or a custom Scorecards role
+ +### Scorecards capabilities [#scorecards-capabilities] + +To delegate Scorecards write access to users without granting them the Organization Product Admin role, you can [create a custom role for Scorecards through the UI](/docs/accounts/accounts-billing/new-relic-one-user-management/account-user-mgmt-tutorial/#roles). Scorecards permissions are organization-scoped. + + + + + + + + + + + + + + + + + + + + + + + + + + +
CapabilityPermission identifier
Read Scorecards (also grants `scorecards.read.rule`)`scorecards.read.scorecard`
Create, update, and delete Scorecards`scorecards.modify.scorecard`
Read Scorecard rules`scorecards.read.rule`
Create, update, and delete Scorecard rules`scorecards.modify.rule`
+ + +You can also create a custom role for Scorecards via the NerdGraph API. For step-by-step instructions, see [Create custom roles for Scorecards](/docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial). - ## Key Features [#key-features] By leveraging Scorecards, you can: diff --git a/src/content/docs/service-architecture-intelligence/scorecards/managing-scorecards.mdx b/src/content/docs/service-architecture-intelligence/scorecards/managing-scorecards.mdx index 0752ebb709f..ef2ab64a9f5 100644 --- a/src/content/docs/service-architecture-intelligence/scorecards/managing-scorecards.mdx +++ b/src/content/docs/service-architecture-intelligence/scorecards/managing-scorecards.mdx @@ -7,7 +7,6 @@ freshnessValidatedDate: never A Scorecard serves as a container for various rules that collectively assess adherence to defined standards. Scorecards use rules to monitor compliance across different entities and teams, identify areas for improvement, and ensure alignment with both internal and external requirements. This document provides instruction on how to create and manage Scorecards and its rules in New Relic. - ## Create a new Scorecard [#create-scorecard] You can create a Scorecard using one of available templates or your own Scorecards and add their rules to meet your requirements. @@ -22,7 +21,7 @@ Use NerdGraph mutations to create or manage your Scorecards. For more informatio **Prerequisites:** - An active New Relic account ID to create this Scorecard -- Users with the **Organization Product Admin** role can create, update, and delete Scorecards and rules. If you need to delegate these permissions to other users, you can [create a custom role for Scorecards](/docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial) +- Appropriate role to create Scorecards. See [Roles and permissions](#roles-permissions). @@ -63,11 +62,11 @@ You can create rules for Scorecards using NRQL queries. Each rule can span multi - You must have an active New Relic account ID to create this rule - You have a Scorecard created. For more information, refer to [Create a new Scorecard](#create-scorecard) -- Users with the **Org Product Admin** role can create, update, and delete Scorecards and rules. If you need to delegate these permissions to other users, you can [create a custom role for Scorecards](/docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial) +- Users with the **Org Product Admin** role can create, update, and delete Scorecards and rules. If you need to delegate these permissions to other users, you can [create a custom role for Scorecards through the UI](/docs/accounts/accounts-billing/new-relic-one-user-management/account-user-mgmt-tutorial/#roles) -Use NerdGraph mutations to create or manage your Scorecards rules. For more information, refer [Scorecards tutorial](/docs/apis/nerdgraph/examples/nerdgraph-scorecards-tutorial). +Use NerdGraph mutations to create or manage your Scorecards rules. For more information, refer [Create custom roles for Scorecards](/docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial). **To create a rule:** diff --git a/src/content/docs/service-architecture-intelligence/teams/teams.mdx b/src/content/docs/service-architecture-intelligence/teams/teams.mdx index 0b6809d1910..c96fe8ab575 100644 --- a/src/content/docs/service-architecture-intelligence/teams/teams.mdx +++ b/src/content/docs/service-architecture-intelligence/teams/teams.mdx @@ -10,6 +10,84 @@ freshnessValidatedDate: never New Relic Teams connects the entities you're monitoring to the teams that own them. By clearly defining ownership, you can quickly identify the responsible team during an incident, find the right contact for any service or entity, and understand where a team sits within your organization. Teams helps you accelerate troubleshooting, enhance collaboration, and improve operational efficiency across your entire stack. +## Availability [#availability] + +Teams is available for all [Full platform users](/docs/accounts/accounts-billing/new-relic-one-user-management/user-type/#user-type-capabilities). Core and Basic users don't have access to Teams. On the [Data + Core Compute](/docs/accounts/accounts-billing/new-relic-one-pricing-billing/new-relic-one-pricing-billing/) pricing model, all users are Full platform users and have access to Teams. + +## Roles and permissions [#roles-permissions] + +The following roles determine what actions users can perform in Teams. + + + + + + + + + + + + + + + + + + + + + + +
ActionRequired role
View teams[**Organization read only**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles)
Modify teams[**Organization Product Admin**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles)
Create and delete teams[**Organization Manager**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles) or [**Authentication Manager**](/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts/#standard-roles)
+ +### Teams capabilities [#teams-capabilities] + +To enable additional users to create and delete teams without granting them the Organization Manager or Authentication Manager roles, you can [create a custom role for Teams through the UI](/docs/accounts/accounts-billing/new-relic-one-user-management/account-user-mgmt-tutorial/#roles). Teams permissions are organization-scoped. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
CapabilityPermission identifier
Read teams`teams.read.team`
Delete teams`teams.delete.team`
Create teams`teams.create.team`
Modify teams`teams.update.team`
Read access to the automations/settings page`teams.read.organization_settings`
Modify access to the automations/settings page`teams.manage.organization_settings`
Create teams from IdP user groups (for example, Okta)`authentication_domain.read.groups`
+ + +You can also create a custom role for Teams via the NerdGraph API. For step-by-step instructions, see [Create custom roles for Teams](/docs/apis/nerdgraph/examples/nerdgraph-teams-custom-role-tutorial). + + ## Ownership and organizational context [#ownership] The primary use case for Teams is ownership: enabling you to understand who owns what across the platform. This includes identifying the owning team for any given entity, along with relevant contact information. This capability is especially critical during incidents but is also broadly useful for day-to-day tasks. diff --git a/src/nav/telemetry-data-platform.yml b/src/nav/telemetry-data-platform.yml index 97547b5173c..4964b0adadc 100644 --- a/src/nav/telemetry-data-platform.yml +++ b/src/nav/telemetry-data-platform.yml @@ -224,18 +224,22 @@ pages: path: /docs/apis/nerdgraph/examples/synthetics-api/query-synthetics-data - title: Metric normalization rules tutorial path: /docs/apis/nerdgraph/examples/nerdgraph-metric-normalization-rule - - title: Scorecards tutorial - path: /docs/apis/nerdgraph/examples/nerdgraph-scorecards-tutorial - - title: Custom role for Scorecards - path: /docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial + - title: Scorecards + pages: + - title: Scorecards tutorial + path: /docs/apis/nerdgraph/examples/nerdgraph-scorecards-tutorial + - title: Custom role for Scorecards + path: /docs/apis/nerdgraph/examples/nerdgraph-scorecards-custom-tutorial - title: Secrets management service path: /docs/apis/nerdgraph/examples/nerdgraph-api-secret-management-service - title: Data access control path: /docs/apis/nerdgraph/examples/nerdgraph-data-access-control - - title: Teams tutorial - path: /docs/apis/nerdgraph/examples/nerdgraph-teams-tutorial - - title: Custom role for Teams - path: /docs/apis/nerdgraph/examples/nerdgraph-teams-custom-role-tutorial + - title: Teams + pages: + - title: Teams tutorial + path: /docs/apis/nerdgraph/examples/nerdgraph-teams-tutorial + - title: Custom role for Teams + path: /docs/apis/nerdgraph/examples/nerdgraph-teams-custom-role-tutorial - title: REST APIs pages: - title: REST API v2