Closed consideRatio closed 4 weeks ago
@Gman0909 @jnywong a status update about snapshots.
In grafana 11, latest, which we use, snapshots can only be done by users with edit permissions on a specific dashboard. So the permissions go hand in hand.
We could workaround this by raising the permissions by default for users we invite to editor etc.
@yuvipanda do you think we should raise the permissions for people accessing grafana via github to editors?
Can I ask a clarifying question about who is and isn't invited to access Grafana?
If we roll this out as a feature, then a request for access is initiated by the hub admin, right? This in turn grants them an admin/editor role.
What use cases would require a GitHub viewer role and who manages that?
We have no definitive practice here i think, i think we should do an invite to community champions by default, and grant them admin, allowing them to invite others as well.
However, we have used github organization membership to grant access as well, which could make sense for some communities.
We should work on systematicizing how we provide grafana access, but doing that is out of scope for rolling out the AWS cost attribution dashboard and ought to be worked independently. Of course, community champs needs access to make use of the cost attribution dashboard, and the way to provide it if they don't already have it, is to generate a link and send it to them I think.
If they already have access via GitHub identity as a viewer role, by virtue of membership in a github organization granted access to their grafana instance, then raising the default permission from Viewer to Editor is a workaround to ensure they can make use of snapshots.
Snapshots are a way for people to share frozen grafana dashboard views to other people that doesn't need to login etc. In a demo of the cost attribution dashboard with Tasha at nasa-cryo, we concluded that a snapshot could be helpful, but that access to those wasn't available for those logged in via GitHub.
Snapshot permissions are hardcoded, only those with editor permissions are granted snapshot permissions currently. For details, see https://github.com/grafana/grafana/issues/88326#issuecomment-2428829574.
For us to enable viewers to generate and share snapshots, we need grafana to be updated. Until then, we can workaround this by granting people edit access to the dashboards they'd like to snapshot.