XIMP security encompasses agent authentication via per-node tokens, dashboard access
control through Xloud identity roles, and TLS certificate lifecycle management for
all platform communications.
Administrator Access Required — This operation requires the admin role. Contact your
Xloud administrator if you do not have sufficient permissions.
Each XIMP agent authenticates to the collector using a unique per-node token.
Rotate tokens periodically and immediately when a node is decommissioned or
suspected compromised.
Revoking a token immediately disconnects the associated agent. Ensure the
replacement token is deployed to the agent configuration before revoking
the old one, or the node will stop reporting metrics.
XIMP dashboard access is controlled through Xloud identity roles. Assign roles
based on job function to enforce least-privilege access.
Role
Access Level
Typical Assignees
monitoring-viewer
Read-only — dashboards and alert history
Developers, stakeholders
monitoring-editor
Create and edit dashboards, rules, and channels
Operations engineers
monitoring-admin
Full access — agents, retention, security settings
Platform administrators
Assign roles through XDeploy → Identity → Role Assignments.
Use the monitoring-viewer role for application teams who need to observe their
service metrics without the ability to modify alert rules that affect other teams.
