Enable access control¶
Access control in PMM lets you restrict user access to specific metrics and Query Analytics data based on their roles. Choose your preferred method to enable this feature:
When deploying PMM Server with Docker, enable access control by passing an environment variable:
docker run -d \
--name pmm-server \
-p 443:8443 \
-e PMM_ENABLE_ACCESS_CONTROL=1 \
percona/pmm-server:latest
For Docker Compose deployments, add the environment variable to your docker-compose.yml
file:
services:
pmm-server:
image: percona/pmm-server:latest
ports:
- "443:8443"
environment:
- PMM_ENABLE_ACCESS_CONTROL=1
volumes:
- pmm-data:/srv
To enable access control from the PMM web interface:
- Log in to PMM with an administrator account.
- From the main menu, go to PMM Configuration > Settings > Advanced Settings > Access Control.
- Toggle the toggle.
- Click Apply changes to save your settings.
After enabling access control¶
Once access control is enabled:
- All existing users will have full access until you assign specific roles.
- Create access roles for different user types.
- Assign the new roles to your PMM users.
- Test that restrictions work as expected.