Access Control and Roles
The RAI Native App defines two application roles to separate observability configuration from data access.
| Role | Capabilities | Granted By |
|---|---|---|
observability_admin | Configure data sources; call REGISTER_EVENTS_VIEW() and CHECK_EVENTS_VIEW_STATUS() | App admin |
observability_viewer | Read only access to all observability views; no access to configuration procedures or internal metadata | App admin |
Role assignment guidelines:
Section titled “Role assignment guidelines:”- Grant
observability_adminto a small, trusted group responsible for observability configuration - Grant
observability_viewerto engineering and operations users who need to monitor reasoner performance