Skip to content

Cross-workspace Authorization

Guance isolates data by workspace to ensure the independent security of data in each workspace. At the same time, it supports cross-workspace data authorization, allowing you to authorize data from multiple workspaces to the current workspace for querying and displaying through scenario dashboards, views, and other chart components. After configuring data authorization, you can view data from all authorized workspaces in a single workspace.

Additionally, the platform supports unified querying across workspaces under the same site. Once this feature is enabled, you can directly query and aggregate data from all other workspaces under the same site within the current workspace, without the need to configure data authorizations one by one.

Note

Querying across multiple sites simultaneously is not supported.

Add Authorization

  1. Go to Manage > Cross-workspace Authorization > Authorize To.
  2. Click Add Authorization.
  3. Select the site to authorize.
  4. Enter the ID of the workspace to authorize.
  5. Define the data scope.
  6. Confirm.
How to Obtain Workspace ID

Go to Manage > Workspace Settings > Workspace ID, click Copy to obtain the workspace ID.

Data Scope

Includes Synthetic Tests, Cloud Billing, LOG, APM, Metrics, Basic Objects, Resource Catalog, Event, RUM, Network, Profile, LLM. Multiple selections are supported.

  • LOG Indexes: If the selected data scope includes LOG data (i.e., "All" or "LOG" is selected), you can further select the indexes you need to authorize for viewing (❗️These indexes include default indexes and all LOG indexes. Excludes external indexes).

  • When the data scope is "Metrics", you can refine the authorization scope for metrics:

    • Default option: The system displays "All". If the input field is left blank, it means authorizing all measurements in the current workspace.
    • Custom filtering: Supports manually entering tag conditions for filtering. Multiple tag conditions should be separated by English commas, in the format key:value. For example, entering host:server, env:prod will only authorize metric data that matches these tag conditions.

View Authorization

  • Authorize To: Add authorizations from other workspaces to this workspace.

  • Can View: Add authorizations from this workspace to other workspaces.

In the authorization list, you can perform the following management operations:

  • Filter the list by site.
  • Search and locate by workspace name or ID.
  • Delete data authorization for a specific workspace.
  • Re-edit authorization rules via the edit button.
  • When adding or deleting data authorizations, the system will generate audit events and send email notifications to the owners and administrators of the corresponding workspaces.

Impact Scope

When editing or deleting authorization rules, if the data scope or LOG indexes are reduced, a sliding window will appear on the right after confirmation, displaying the impact scope of the deleted data authorization in the authorized workspace, including the names of monitors and data access configurations.

Supports exporting this list as a CSV file.

Application Scenarios

After successfully adding cross-workspace authorization, you can perform cross-space queries through the following entry points within the workspace.

Feedback

Is this page helpful? ×