Default Installation Permissions - Tableau Resource Monitoring Tool
The following topic provides the default permissions set on various system accounts or groups during installation. If your environment or organization requires you to use non-default accounts, this helps you determine what permissions are necessary for Resource Monitoring Tool (RMT) to function properly.
Note: Resource Monitoring Tool (RMT) server and agent are not Federal Information Processing Standard (FIPS) 140-2 compliant, and will not function properly on operating systems running with FIPS mode enabled.
Windows installations
By default Tableau Resource Monitoring Tool creates these accounts when installed:
-
NT SERVICE\TableauResourceMonitoringTool
-
NT SERVICE\TableauResourceMonitoringToolPostgreSQL
-
NT SERVICE\TableauResourceMonitoringToolRabbitMQ
If you want or need to use other accounts in place of the default accounts, you can specify these after installation using the rmt-admin command line utility. For details, see rmtadmin service-setup.
The permissions used by these default service accounts are shown below, as well as the minimum required permissions. Your service accounts should match the minimum permissions or the default permissions:
| Service Account | Resource | Default permissions | Required minimum permissions |
|---|---|---|---|
| Tableau Resource Monitoring Tool Master | |||
|
Application files
|
Full control: read, write execute, modify |
Full control | |
|
Log directories and files
|
Full control: read, write execute, modify |
Read, write | |
|
Configuration directory
|
Full control: read, write execute, modify |
Full conyrol | |
| Tableau Resource Monitoring Tool PostgreSQL | |||
|
Application directory
|
Full control: read, write execute, modify | Full control | |
|
Data directory
|
Full control: read, write execute, modify | Full control | |
|
Logs directory
|
Full control: read, write execute, modify | Read, write . | |
| Tableau Resource Monitoring Tool RabbitMQ | |||
|
Data directory
|
Full control: read, write execute, modify | Full control | |
|
Application files
|
Full control: read, write execute, modify | Full control | |
|
Log files
|
Full control: read, write execute, modify | Read, write | |
| Tableau Resource Monitoring Tool Agent | |||
|
Application files
|
Full control: read, write execute, modify | Full control | |
|
Log directory and files
|
Full control: read, write execute, modify | Read | |
|
Configuration directory
|
Full control: read, write execute, modify | Full control |
Linux installations
By default Tableau Resource Monitoring Tool creates certain accounts when installed. If you want or need to use groups and users in place of the defaults, you can specify these after installation using the rmt-admin command line utility. For details, see rmtadmin service-setup.
The default permissions used by these service accounts are shown below. Your permissions should match these permissions:
| Service Account | Resource | permissions |
|---|---|---|
| Tableau Resource Monitoring Tool Master | ||
|
Application files
|
Owner - Full permissions (read, write, execute)
Group - read, write, execute Others - read, execute |
|
|
Log directories and files
|
Owner - Full permissions (read, write, execute)
Group - read, write, execute Others - read, execute |
|
|
Configuration directory
|
Owner - Full permissions (read, write, execute)
Group - read, write, execute Others - read, execute |
|
| Tableau Resource Monitoring Tool PostgreSQL | ||
|
Application directory
|
Owner - Full permissions (read, write, execute)
Group - read, execute Others - read, execute |
|
|
Service directory
|
Owner - Full permissions (read, write, execute)
Group - none Others - none |
|
|
Data directory
|
Owner - Full permissions (read, write, execute)
Group - read, write, execute Others - read, execute |
|
|
Logs directory
|
Owner - Full permissions (read, write, execute)
Group - read, write, execute Others - execute |
|
|
Other directories under the PostgreSQL directory not mentioned above
|
Owner - read, write Group - none Others - none |
|
/var/opt/tableau/tabrmt/data/postgresql13/base
|
Owner - Full permissions (read, write, execute)
Group - none Others - none |
|
/var/opt/tableau/tabrmt/data/postgresql13/certificates
|
Owner - Full permissions (read, write, execute)
Group - Full permissions (read, write, execute) Others - execute |
|
| Tableau Resource Monitoring Tool RabbitMQ | ||
|
Data directory
|
Owner - Full permissions (read, write, execute)
Group - read, write, and execute Others - read, execute |
|
|
Application files
|
Owner - Full permissions (read, write, execute)
Group - read,execute Others - read, execute |
|
|
Log files
|
Owner - Full permissions (read, write, execute)
Group - read, write, and execute Others - execute |
|
|
Other directories (under
|
Owner - Full permissions (read, write, execute)
Group - read, write, and execute Others - execute |
|
/var/opt/tableau/tabrmt/data/rabbitmq/<other than mentioned>
|
Owner - read, execute Group - read, execute Others - none |
|
| Tableau Resource Monitoring Tool Agent | ||
|
Application files
|
Owner - Full permissions (read, write, execute)
Group - read, write, and execute Others - read, execute |
|
|
Log directory and files
|
Owner - Full permissions (read, write, execute)
Group - read, write, and execute Others - read, execute |
|
|
Configuration directory
|
Owner - Full permissions (read, write, execute)
Group - read, write, and execute Others - read, execute |