Your data. Anywhere you go.

New Relic for iOS or Android


Download on the App Store    Android App on Google play


New Relic Insights App for iOS


Download on the App Store


Learn more

Close icon

Feature Idea: API Key to modify alarms

feature-idea
apikeys

#1

Hello,

I’m not sure where to put this request.

We use Terraform for creating alarms and whatnot for our platform. Currently, we have to use an admin api key in order to achieve this. I do not understand why we cannot use the REST API key for this. This makes it difficult for our team to operate in a secure manner. I would create a “bot” or “machine” account to accomplish this, but non-admin users do not have API keys. This too I do not understand. Shouldn’t a user have an API key and be able to access all the resources that they are authorized to do so?

This would have been a worthy solution to create an “infrastructure” user, and give it only access to alerts/alarms/monitoring capabilities.

What is the solution here? I’m not willing to share my admin API key with all the members of my team, nor am I willing to make everybody on my team an admin, nor am I willing to make a “dummy” admin user.

Please advise!


New Relic edit

  • I want this, too
  • I have more info to share (reply below)
  • I have a solution for this

0 voters

We take feature ideas seriously and our product managers review every one when plotting their roadmaps. However, there is no guarantee this feature will be implemented. This post ensures the idea is put on the table and discussed though. So please vote and share your extra details with our team.


#2

Hi @volte,

I understand your need for a non-admin API key to use in order to operate in a secure manner. Unfortunately, although a REST API key that is associated with the account will allow users to view data in the API an Admin REST API key is required to create, change and delete alert conditions, policies and channels. I am including the documentation for the REST API keys below for more information.

Types of New Relic API keys

I can definitely see the value of having API keys restricted by user roles. We can convert this post into a feature idea and get that request filed internally for you.


#3

Hello @volte,

For security reasons, an admin key is required to perform any kind of activity that makes a change to your application’s configurations. This is meant to provide an extra level of security around actions that could be sensitive or substantially alter how your applications perform.

However, I can see your point about the value of user roles in this way, and I’m going to have the community team add a feature request poll to your post.