Platform
Solution
Industry
Role
There is no result.

Leveraging Access Groups for Modules in LogicMonitor

Last updated - 28 October, 2025

LogicMonitor supports using Access Groups to manage module permissions in My Module Toolbox. The following capabilities are available when assigning Access Groups to modules:

  • Control user access—Restrict which users can view or edit specific modules
  • Define permission levels—Enable certain actions (for example, creating a module) while preventing others (for example, committing the module)
  • Manage Access Groups—Enable users assigned to this role to perform create, view, update, and delete (CRUD) operations on Access Groups
  • Enforce field-level restrictions—Limit editing of sensitive fields within a module
  • Manage access directly in the portal—Assign Access Groups to modules using the module editor in your LogicMonitor portal

Leveraging Access Groups involves the following steps:

  1. Assign access group role permissions for create operation
  2. Create an access group
  3. Assign access group role permissions for map operation
  4. Map the access group to a module

Assign Access Group Role Permissions for Create Operation

LogicMonitor enables you to assign the Manage permission for Access Groups within a role, enabling you to perform create, update, or delete (CRUD) operations for access groups.

  1. In LogicMonitor, navigate to Settings>User and Roles>select Roles tab.
  2. Select your required role group and then select manage propeties icon Manage for the role for which you want to assign the permissions.
    Alternatively, you can add a new role and assign the permissions. For more information, see Adding a Role
  3. Select Permissions>Settings>select “Manage” permission for the Access Groups row.
    For more information on the different roles, see LogicMonitor Roles
    Access Group permission on role page
  4. Select Save.

Your required user is granted the necessary permissions to perform create, update, or delete (CRUD) operations.

Create an Access Group

  1. After you have the necessary permissions, you can create an access group, it can then be added to a role, and the role can be assigned to a user. 
    In LogicMonitor, navigate to Settings>Users and Roles.
  2. Select the Access Groups tab.
  3. Select add icon Add Access Group.
  4. In the Add Access Group settings, do the following:
    1. In the Name field, enter a name for the Access Group.
    2. In the Tenant field, enter a tenant name.
      LogicMonitor attempts to match values as you type.
    3. In the Description field, enter a description.
      For example, enter a description for what the Access Group is intended for.
      Add access group page

Note: You can enter a maximum of 255 characters in the Name, Tenant, and Description fields each.

  1. Select Save.

The access group is displayed on the Access Groups page.

Note: You can perform more create, update, or delete (CRUD) operations like update and delete Access Groups. For more information, see Access Groups Settings.

Assign Access Group Role Permissions for Map Operation

LogicMonitor enables you to assign permissions to map and unmap Modules to Access Groups, enabling you to map created access groups when adding a new module or modifying an existing one. Assigning the role to a user provides that user with the specific permissions to the module that the Access Group is mapped to.

  1. In LogicMonitor, navigate to Settings>User and Roles>select Roles tab.
  2. Select your required role group and then select manage propeties icon Manage for the role for which you want to assign the permissions.
    Alternatively, you can add a new role and assign the permissions. For more information, see Adding a Role
  3. Select Permissions > Modules tab.
  4. To grant a user full administrative control to manage module access, toggle Map and unmap Modules to Access Groups switch.
    This setting supersedes all other Modules permissions.
  5. To enable a user to control individual-level permissions for a module, select one or more of the following applicable permissions:
    • To enable the viewing of modules mapped with the Access Group, select the Modules: View permission for each Access Group.
    • To enable updating thresholds of modules mapped with the Access Group, select the Modules: Threshold permission for each Access Group. This applies only to DataSources modules.
    • To enable users with this permission to not create, clone, install, import, or delete modules, select the Modules: Manage (Limited) permission for each Access Group. Also, such users cannot modify appliesTo fields within modules
    • To enable enable committing modules mapped with the Access Group, select the Modules: Commit permission for each Access Group. 
    • To enable users with this permission to create, clone, or delete modules, but cannot install or import them., select the Modules: Manage permission for each Access Group. In addition, users with ‘Module: Manage’ permission can update the appliesTo field. Users can manage the mapping of modules to Access Groups for the groups where they have this permission.
    • To enable Enables updating the threshold of the modules mapped with the Access Group, select the Resources: Group Threshold permission for each Access Group. 
  6. Select Save.

The permissions you enable are applied when managing LogicModules from the Modules page.

Map the Access Group to a Module

After you the necessary permission, you can manage access directly in the LogicMonitor portal by mapping Access Groups to modules using the module editor.

  1. In LogicMonitor, navigate to Modules>My Module Toolbox.
  2. Create a new module, or edit an existing module.
    For more information about creating a new module or editing an existing module, see Custom Module Creation and Editing a Custom Module.
  3. Select the Access Groups tab, and then select add icon.
    Access group tab

Note: “Default Access Group” is always assigned to a new module. You can remove this Access Group after you add the Access Group you need.

  1. In the Access Group field, select an Access Group, and then select Apply.
    You can add up to five Access Groups to the module.
    LogicMonitor attempts to match values as you type.
    Access group apply option

Note:

  • If an access group with tenancy is selected, the AppliesTo field in module automatically populates with the tenant information (system.tenant.identifier). You can only map multiple access groups if they share the same tenant. You cannot map access groups with different tenants. If the access group has no tenant, the module applies to all tenants. For more information on tenant, see Tenant Identifier Property Name
  • The Access Groups available depend on the Access Groups created in Users and Roles. For more information, see Access Groups Settings.
  1. Select Save.

Note: When a module is committed to Exchange, all Access Group assignments are removed.

Access Groups are assigned to modules immediately. Only users mapped through roles with the Access Group can access the module and its settings.

For more information on updating and deleting access groups, see Access Groups Settings.

For more information on removing mapped access groups to your modules, see Removing an Access Group from a Module

For more information on how access groups work when cloning, editing, or deleting a module, see Modules Management

14-day access to the full LogicMonitor platform