Merge branch 'main' into roles-details-page

* feat: removed the sso auth announcement banner

* feat: updated icon to use signozhq icons

frontend/package.json

@@ -61,6 +61,7 @@
 		"@signozhq/sonner": "0.1.0",
 		"@signozhq/switch": "0.0.2",
 		"@signozhq/table": "0.3.7",
+		"@signozhq/toggle-group": "^0.0.1",
 		"@signozhq/tooltip": "0.0.2",
 		"@tanstack/react-table": "8.20.6",
 		"@tanstack/react-virtual": "3.11.2",

frontend/public/locales/en-GB/routes.json

@@ -13,5 +13,6 @@
 	"pipelines": "Pipelines",
 	"archives": "Archives",
 	"logs_to_metrics": "Logs To Metrics",
-	"roles": "Roles"
+	"roles": "Roles",
+	"role_details": "Role Details"
 }

frontend/public/locales/en/routes.json

@@ -13,5 +13,6 @@
 	"pipelines": "Pipelines",
 	"archives": "Archives",
 	"logs_to_metrics": "Logs To Metrics",
-	"roles": "Roles"
+	"roles": "Roles",
+	"role_details": "Role Details"
 }

frontend/src/auto-import-registry.d.ts

@@ -26,4 +26,5 @@ import '@signozhq/resizable';
 import '@signozhq/sonner';
 import '@signozhq/switch';
 import '@signozhq/table';
+import '@signozhq/toggle-group';
 import '@signozhq/tooltip';

frontend/src/constants/localStorage.ts

@@ -29,7 +29,6 @@ export enum LOCALSTORAGE {
 	DONT_SHOW_SLOW_API_WARNING = 'DONT_SHOW_SLOW_API_WARNING',
 	METRICS_LIST_OPTIONS = 'METRICS_LIST_OPTIONS',
 	SHOW_EXCEPTIONS_QUICK_FILTERS = 'SHOW_EXCEPTIONS_QUICK_FILTERS',
-	BANNER_DISMISSED = 'BANNER_DISMISSED',
 	QUICK_FILTERS_SETTINGS_ANNOUNCEMENT = 'QUICK_FILTERS_SETTINGS_ANNOUNCEMENT',
 	FUNNEL_STEPS = 'FUNNEL_STEPS',
 	SPAN_DETAILS_PINNED_ATTRIBUTES = 'SPAN_DETAILS_PINNED_ATTRIBUTES',

frontend/src/constants/routes.ts

@@ -56,6 +56,7 @@ const ROUTES = {
 	TRACE_EXPLORER: '/trace-explorer',
 	BILLING: '/settings/billing',
 	ROLES_SETTINGS: '/settings/roles',
+	ROLE_DETAILS: '/settings/roles/:roleId',
 	SUPPORT: '/support',
 	LOGS_SAVE_VIEWS: '/logs/saved-views',
 	TRACES_SAVE_VIEWS: '/traces/saved-views',

frontend/src/container/Home/Home.styles.scss

@@ -25,51 +25,6 @@
 		background: var(--bg-slate-500);
 	}
 
-	.home-container-banner {
-		position: relative;
-		display: flex;
-		flex-direction: row;
-		align-items: center;
-		justify-content: center;
-		padding: 8px 12px;
-		width: 100%;
-		background-color: var(--bg-robin-500);
-
-		.home-container-banner-close {
-			display: flex;
-			align-items: center;
-			justify-content: center;
-			cursor: pointer;
-			color: var(--bg-vanilla-100);
-
-			position: absolute;
-			right: 12px;
-		}
-
-		.home-container-banner-content {
-			display: flex;
-			align-items: center;
-			justify-content: center;
-			gap: 4px;
-			color: var(--bg-vanilla-100);
-			font-family: Inter;
-			font-size: 12px;
-			font-style: normal;
-			font-weight: 400;
-			line-height: 20px;
-
-			.home-container-banner-link {
-				color: var(--bg-vanilla-100);
-				font-size: 12px;
-				font-style: normal;
-				font-weight: 400;
-				line-height: 20px;
-				letter-spacing: -0.07px;
-				text-decoration: underline;
-			}
-		}
-	}
-
 	.home-header-left {
 		display: flex;
 		align-items: center;

frontend/src/container/Home/Home.tsx

@@ -1,13 +1,13 @@
 import { useCallback, useEffect, useMemo, useState } from 'react';
 import { useMutation, useQuery } from 'react-query';
 import { Color } from '@signozhq/design-tokens';
+import { Compass, Dot, House, Plus, Wrench } from '@signozhq/icons';
 import { Button, Popover } from 'antd';
 import logEvent from 'api/common/logEvent';
 import listUserPreferences from 'api/v1/user/preferences/list';
 import updateUserPreferenceAPI from 'api/v1/user/preferences/name/update';
 import Header from 'components/Header/Header';
 import { ENTITY_VERSION_V5 } from 'constants/app';
-import { LOCALSTORAGE } from 'constants/localStorage';
 import { ORG_PREFERENCES } from 'constants/orgPreferences';
 import { initialQueriesMap, PANEL_TYPES } from 'constants/queryBuilder';
 import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
@@ -15,10 +15,8 @@ import ROUTES from 'constants/routes';
 import { getMetricsListQuery } from 'container/MetricsExplorer/Summary/utils';
 import { useGetMetricsList } from 'hooks/metricsExplorer/useGetMetricsList';
 import { useGetQueryRange } from 'hooks/queryBuilder/useGetQueryRange';
-import { useGetTenantLicense } from 'hooks/useGetTenantLicense';
 import history from 'lib/history';
 import cloneDeep from 'lodash-es/cloneDeep';
-import { CompassIcon, DotIcon, HomeIcon, Plus, Wrench, X } from 'lucide-react';
 import { AnimatePresence } from 'motion/react';
 import * as motion from 'motion/react-client';
 import Card from 'periscope/components/Card/Card';
@@ -51,8 +49,6 @@ export default function Home(): JSX.Element {
 	const [updatingUserPreferences, setUpdatingUserPreferences] = useState(false);
 	const [loadingUserPreferences, setLoadingUserPreferences] = useState(true);
 
-	const { isCommunityUser, isCommunityEnterpriseUser } = useGetTenantLicense();
-
 	const [checklistItems, setChecklistItems] = useState<ChecklistItem[]>(
 		defaultChecklistItemsState,
 	);
@@ -61,13 +57,6 @@ export default function Home(): JSX.Element {
 		false,
 	);
 
-	const [isBannerDismissed, setIsBannerDismissed] = useState(false);
-
-	useEffect(() => {
-		const bannerDismissed = localStorage.getItem(LOCALSTORAGE.BANNER_DISMISSED);
-		setIsBannerDismissed(bannerDismissed === 'true');
-	}, []);
-
 	useEffect(() => {
 		const now = new Date();
 		const startTime = new Date(now.getTime() - homeInterval);
@@ -298,44 +287,13 @@ export default function Home(): JSX.Element {
 		logEvent('Homepage: Visited', {});
 	}, []);
 
-	const hideBanner = (): void => {
-		localStorage.setItem(LOCALSTORAGE.BANNER_DISMISSED, 'true');
-		setIsBannerDismissed(true);
-	};
-
-	const showBanner = useMemo(
-		() => !isBannerDismissed && (isCommunityUser || isCommunityEnterpriseUser),
-		[isBannerDismissed, isCommunityUser, isCommunityEnterpriseUser],
-	);
-
 	return (
 		<div className="home-container">
 			<div className="sticky-header">
-				{showBanner && (
-					<div className="home-container-banner">
-						<div className="home-container-banner-content">
-							Big News: SigNoz Community Edition now available with SSO (Google OAuth)
-							and API keys -
-							<a
-								href="https://signoz.io/blog/open-source-signoz-now-available-with-sso-and-api-keys/"
-								target="_blank"
-								rel="noreferrer"
-								className="home-container-banner-link"
-							>
-								<i>read more</i>
-							</a>
-						</div>
-
-						<div className="home-container-banner-close">
-							<X size={16} onClick={hideBanner} />
-						</div>
-					</div>
-				)}
-
 				<Header
 					leftComponent={
 						<div className="home-header-left">
-							<HomeIcon size={14} /> Home
+							<House size={14} /> Home
 						</div>
 					}
 					rightComponent={
@@ -400,7 +358,7 @@ export default function Home(): JSX.Element {
 									<div className="active-ingestion-card-content-container">
 										<div className="active-ingestion-card-content">
 											<div className="active-ingestion-card-content-icon">
-												<DotIcon size={16} color={Color.BG_FOREST_500} />
+												<Dot size={16} color={Color.BG_FOREST_500} />
 											</div>
 
 											<div className="active-ingestion-card-content-description">
@@ -427,7 +385,7 @@ export default function Home(): JSX.Element {
 												}
 											}}
 										>
-											<CompassIcon size={12} />
+											<Compass size={12} />
 											Explore Logs
 										</div>
 									</div>
@@ -441,7 +399,7 @@ export default function Home(): JSX.Element {
 									<div className="active-ingestion-card-content-container">
 										<div className="active-ingestion-card-content">
 											<div className="active-ingestion-card-content-icon">
-												<DotIcon size={16} color={Color.BG_FOREST_500} />
+												<Dot size={16} color={Color.BG_FOREST_500} />
 											</div>
 
 											<div className="active-ingestion-card-content-description">
@@ -468,7 +426,7 @@ export default function Home(): JSX.Element {
 												}
 											}}
 										>
-											<CompassIcon size={12} />
+											<Compass size={12} />
 											Explore Traces
 										</div>
 									</div>
@@ -482,7 +440,7 @@ export default function Home(): JSX.Element {
 									<div className="active-ingestion-card-content-container">
 										<div className="active-ingestion-card-content">
 											<div className="active-ingestion-card-content-icon">
-												<DotIcon size={16} color={Color.BG_FOREST_500} />
+												<Dot size={16} color={Color.BG_FOREST_500} />
 											</div>
 
 											<div className="active-ingestion-card-content-description">
@@ -509,7 +467,7 @@ export default function Home(): JSX.Element {
 												}
 											}}
 										>
-											<CompassIcon size={12} />
+											<Compass size={12} />
 											Explore Metrics
 										</div>
 									</div>

frontend/src/container/MetricsExplorer/MetricDetails/AllAttributes.tsx

@@ -1,4 +1,4 @@
-import { useCallback, useMemo, useState } from 'react';
+import { useCallback, useMemo, useRef, useState } from 'react';
 import { useCopyToClipboard } from 'react-use';
 import {
 	Button,
@@ -6,7 +6,7 @@ import {
 	Input,
 	Menu,
 	Popover,
-	Skeleton,
+	Tooltip,
 	Typography,
 } from 'antd';
 import { ColumnsType } from 'antd/es/table';
@@ -14,148 +14,49 @@ import logEvent from 'api/common/logEvent';
 import { useGetMetricAttributes } from 'api/generated/services/metrics';
 import { ResizeTable } from 'components/ResizeTable';
 import { DataType } from 'container/LogDetailedView/TableView';
-import { useNotifications } from 'hooks/useNotifications';
-import { Compass, Copy, Search } from 'lucide-react';
+import { Check, Copy, Info, Search, SquareArrowOutUpRight } from 'lucide-react';
 
 import { PANEL_TYPES } from '../../../constants/queryBuilder';
 import ROUTES from '../../../constants/routes';
 import { useHandleExplorerTabChange } from '../../../hooks/useHandleExplorerTabChange';
 import { MetricsExplorerEventKeys, MetricsExplorerEvents } from '../events';
-import MetricDetailsErrorState from './MetricDetailsErrorState';
 import {
-	AllAttributesEmptyTextProps,
-	AllAttributesProps,
-	AllAttributesValueProps,
-} from './types';
+	AllAttributesEmptyText,
+	AllAttributesValue,
+} from './AllAttributesValue';
+import { AllAttributesProps } from './types';
 import { getMetricDetailsQuery } from './utils';
 
 const ALL_ATTRIBUTES_KEY = 'all-attributes';
-
-function AllAttributesEmptyText({
-	isErrorAttributes,
-	refetchAttributes,
-}: AllAttributesEmptyTextProps): JSX.Element {
-	if (isErrorAttributes) {
-		return (
-			<div className="all-attributes-error-state">
-				<MetricDetailsErrorState
-					refetch={refetchAttributes}
-					errorMessage="Something went wrong while fetching attributes"
-				/>
-			</div>
-		);
-	}
-	return <Typography.Text>No attributes found</Typography.Text>;
-}
-
-export function AllAttributesValue({
-	filterKey,
-	filterValue,
-	goToMetricsExploreWithAppliedAttribute,
-}: AllAttributesValueProps): JSX.Element {
-	const [visibleIndex, setVisibleIndex] = useState(5);
-	const [attributePopoverKey, setAttributePopoverKey] = useState<string | null>(
-		null,
-	);
-	const [, copyToClipboard] = useCopyToClipboard();
-	const { notifications } = useNotifications();
-
-	const handleShowMore = (): void => {
-		setVisibleIndex(visibleIndex + 5);
-	};
-
-	const handleMenuItemClick = useCallback(
-		(key: string, attribute: string): void => {
-			switch (key) {
-				case 'open-in-explorer':
-					goToMetricsExploreWithAppliedAttribute(filterKey, attribute);
-					break;
-				case 'copy-attribute':
-					copyToClipboard(attribute);
-					notifications.success({
-						message: 'Attribute copied!',
-					});
-					break;
-				default:
-					break;
-			}
-			setAttributePopoverKey(null);
-		},
-		[
-			goToMetricsExploreWithAppliedAttribute,
-			filterKey,
-			copyToClipboard,
-			notifications,
-		],
-	);
-
-	const attributePopoverContent = useCallback(
-		(attribute: string) => (
-			<Menu
-				items={[
-					{
-						icon: <Compass size={16} />,
-						label: 'Open in Explorer',
-						key: 'open-in-explorer',
-					},
-					{
-						icon: <Copy size={16} />,
-						label: 'Copy Attribute',
-						key: 'copy-attribute',
-					},
-				]}
-				onClick={(info): void => {
-					handleMenuItemClick(info.key, attribute);
-				}}
-			/>
-		),
-		[handleMenuItemClick],
-	);
-	return (
-		<div className="all-attributes-value">
-			{filterValue.slice(0, visibleIndex).map((attribute) => (
-				<Popover
-					key={attribute}
-					content={attributePopoverContent(attribute)}
-					trigger="click"
-					open={attributePopoverKey === `${filterKey}-${attribute}`}
-					onOpenChange={(open): void => {
-						if (!open) {
-							setAttributePopoverKey(null);
-						} else {
-							setAttributePopoverKey(`${filterKey}-${attribute}`);
-						}
-					}}
-				>
-					<Button key={attribute} type="text">
-						<Typography.Text>{attribute}</Typography.Text>
-					</Button>
-				</Popover>
-			))}
-			{visibleIndex < filterValue.length && (
-				<Button type="text" onClick={handleShowMore}>
-					Show More
-				</Button>
-			)}
-		</div>
-	);
-}
+const COPY_FEEDBACK_DURATION_MS = 1500;
 
 function AllAttributes({
 	metricName,
 	metricType,
+	minTime,
+	maxTime,
 }: AllAttributesProps): JSX.Element {
 	const [searchString, setSearchString] = useState('');
 	const [activeKey, setActiveKey] = useState<string[]>([ALL_ATTRIBUTES_KEY]);
+	const [keyPopoverOpen, setKeyPopoverOpen] = useState<string | null>(null);
+	const [copiedKey, setCopiedKey] = useState<string | null>(null);
+	const [, copyToClipboard] = useCopyToClipboard();
+	const copyTimerRef = useRef<ReturnType<typeof setTimeout>>();
 
 	const {
 		data: attributesData,
 		isLoading: isLoadingAttributes,
 		isError: isErrorAttributes,
 		refetch: refetchAttributes,
-	} = useGetMetricAttributes({
-		metricName,
-	});
+	} = useGetMetricAttributes(
+		{
+			metricName,
+		},
+		{
+			start: minTime ? Math.floor(minTime / 1000000) : undefined,
+			end: maxTime ? Math.floor(maxTime / 1000000) : undefined,
+		},
+	);
 
 	const attributes = useMemo(() => attributesData?.data.attributes ?? [], [
 		attributesData,
@@ -164,12 +65,14 @@ function AllAttributes({
 	const { handleExplorerTabChange } = useHandleExplorerTabChange();
 
 	const goToMetricsExplorerwithAppliedSpaceAggregation = useCallback(
-		(groupBy: string) => {
+		(groupBy: string, valueCount?: number) => {
+			const limit = valueCount && valueCount > 250 ? 100 : undefined;
 			const compositeQuery = getMetricDetailsQuery(
 				metricName,
 				metricType,
 				undefined,
 				groupBy,
+				limit,
 			);
 			handleExplorerTabChange(
 				PANEL_TYPES.TIME_SERIES,
@@ -216,6 +119,28 @@ function AllAttributes({
 		[metricName, metricType, handleExplorerTabChange],
 	);
 
+	const handleKeyMenuItemClick = useCallback(
+		(menuKey: string, attributeKey: string, valueCount?: number): void => {
+			switch (menuKey) {
+				case 'open-in-explorer':
+					goToMetricsExplorerwithAppliedSpaceAggregation(attributeKey, valueCount);
+					break;
+				case 'copy-key':
+					copyToClipboard(attributeKey);
+					setCopiedKey(attributeKey);
+					clearTimeout(copyTimerRef.current);
+					copyTimerRef.current = setTimeout(() => {
+						setCopiedKey(null);
+					}, COPY_FEEDBACK_DURATION_MS);
+					break;
+				default:
+					break;
+			}
+			setKeyPopoverOpen(null);
+		},
+		[goToMetricsExplorerwithAppliedSpaceAggregation, copyToClipboard],
+	);
+
 	const filteredAttributes = useMemo(
 		() =>
 			attributes.filter(
@@ -254,21 +179,57 @@ function AllAttributes({
 				width: 50,
 				align: 'left',
 				className: 'metric-metadata-key',
-				render: (field: { label: string; contribution: number }): JSX.Element => (
-					<div className="all-attributes-key">
-						<Button
-							type="text"
-							onClick={(): void =>
-								goToMetricsExplorerwithAppliedSpaceAggregation(field.label)
-							}
-						>
-							<Typography.Text>{field.label}</Typography.Text>
-						</Button>
-						<Typography.Text className="all-attributes-contribution">
-							{field.contribution}
-						</Typography.Text>
-					</div>
-				),
+				render: (field: { label: string; contribution: number }): JSX.Element => {
+					const isCopied = copiedKey === field.label;
+					return (
+						<div className="all-attributes-key">
+							<Popover
+								content={
+									<Menu
+										items={[
+											{
+												icon: <SquareArrowOutUpRight size={14} />,
+												label: 'Open in Metric Explorer',
+												key: 'open-in-explorer',
+											},
+											{
+												icon: <Copy size={14} />,
+												label: 'Copy Key',
+												key: 'copy-key',
+											},
+										]}
+										onClick={(info): void => {
+											handleKeyMenuItemClick(info.key, field.label, field.contribution);
+										}}
+									/>
+								}
+								trigger="click"
+								placement="right"
+								overlayClassName="metric-details-popover attribute-key-popover-overlay"
+								open={keyPopoverOpen === field.label}
+								onOpenChange={(open): void => {
+									if (!open) {
+										setKeyPopoverOpen(null);
+									} else {
+										setKeyPopoverOpen(field.label);
+									}
+								}}
+							>
+								<Button type="text">
+									<Typography.Text>{field.label}</Typography.Text>
+								</Button>
+							</Popover>
+							{isCopied && (
+								<span className="copy-feedback">
+									<Check size={12} />
+								</span>
+							)}
+							<Typography.Text className="all-attributes-contribution">
+								{field.contribution}
+							</Typography.Text>
+						</div>
+					);
+				},
 			},
 			{
 				title: 'Value',
@@ -291,7 +252,9 @@ function AllAttributes({
 		],
 		[
 			goToMetricsExploreWithAppliedAttribute,
-			goToMetricsExplorerwithAppliedSpaceAggregation,
+			handleKeyMenuItemClick,
+			keyPopoverOpen,
+			copiedKey,
 		],
 	);
 
@@ -300,7 +263,12 @@ function AllAttributes({
 			{
 				label: (
 					<div className="metrics-accordion-header">
-						<Typography.Text>All Attributes</Typography.Text>
+						<div className="all-attributes-header-title">
+							<Typography.Text>All Attributes</Typography.Text>
+							<Tooltip title="Showing attributes for the selected time range">
+								<Info size={14} />
+							</Tooltip>
+						</div>
 						<Input
 							className="all-attributes-search-input"
 							placeholder="Search"
@@ -329,7 +297,9 @@ function AllAttributes({
 						className="metrics-accordion-content all-attributes-content"
 						scroll={{ y: 600 }}
 						locale={{
-							emptyText: (
+							emptyText: isLoadingAttributes ? (
+								' '
+							) : (
 								<AllAttributesEmptyText
 									isErrorAttributes={isErrorAttributes}
 									refetchAttributes={refetchAttributes}
@@ -350,14 +320,6 @@ function AllAttributes({
 		],
 	);
 
-	if (isLoadingAttributes) {
-		return (
-			<div className="all-attributes-skeleton-container">
-				<Skeleton active paragraph={{ rows: 8 }} />
-			</div>
-		);
-	}
-
 	return (
 		<Collapse
 			bordered

frontend/src/container/MetricsExplorer/MetricDetails/AllAttributesValue.tsx

@@ -0,0 +1,213 @@
+import { useCallback, useMemo, useRef, useState } from 'react';
+import { useCopyToClipboard } from 'react-use';
+import { Button, Input, Menu, Popover, Tooltip, Typography } from 'antd';
+import { useNotifications } from 'hooks/useNotifications';
+import { Check, Copy, Search, SquareArrowOutUpRight } from 'lucide-react';
+
+import MetricDetailsErrorState from './MetricDetailsErrorState';
+import { AllAttributesEmptyTextProps, AllAttributesValueProps } from './types';
+
+const INITIAL_VISIBLE_COUNT = 5;
+const COPY_FEEDBACK_DURATION_MS = 1500;
+
+export function AllAttributesEmptyText({
+	isErrorAttributes,
+	refetchAttributes,
+}: AllAttributesEmptyTextProps): JSX.Element {
+	if (isErrorAttributes) {
+		return (
+			<div className="all-attributes-error-state">
+				<MetricDetailsErrorState
+					refetch={refetchAttributes}
+					errorMessage="Something went wrong while fetching attributes"
+				/>
+			</div>
+		);
+	}
+	return <Typography.Text>No attributes found</Typography.Text>;
+}
+
+export function AllAttributesValue({
+	filterKey,
+	filterValue,
+	goToMetricsExploreWithAppliedAttribute,
+}: AllAttributesValueProps): JSX.Element {
+	const [attributePopoverKey, setAttributePopoverKey] = useState<string | null>(
+		null,
+	);
+	const [allValuesOpen, setAllValuesOpen] = useState(false);
+	const [allValuesSearch, setAllValuesSearch] = useState('');
+	const [copiedValue, setCopiedValue] = useState<string | null>(null);
+	const [, copyToClipboard] = useCopyToClipboard();
+	const { notifications } = useNotifications();
+	const copyTimerRef = useRef<ReturnType<typeof setTimeout>>();
+
+	const handleCopyWithFeedback = useCallback(
+		(value: string): void => {
+			copyToClipboard(value);
+			setCopiedValue(value);
+			clearTimeout(copyTimerRef.current);
+			copyTimerRef.current = setTimeout(() => {
+				setCopiedValue(null);
+			}, COPY_FEEDBACK_DURATION_MS);
+		},
+		[copyToClipboard],
+	);
+
+	const handleMenuItemClick = useCallback(
+		(key: string, attribute: string): void => {
+			switch (key) {
+				case 'open-in-explorer':
+					goToMetricsExploreWithAppliedAttribute(filterKey, attribute);
+					break;
+				case 'copy-value':
+					handleCopyWithFeedback(attribute);
+					notifications.success({
+						message: 'Value copied!',
+					});
+					break;
+				default:
+					break;
+			}
+			setAttributePopoverKey(null);
+		},
+		[
+			goToMetricsExploreWithAppliedAttribute,
+			filterKey,
+			handleCopyWithFeedback,
+			notifications,
+		],
+	);
+
+	const attributePopoverContent = useCallback(
+		(attribute: string) => (
+			<Menu
+				items={[
+					{
+						icon: <SquareArrowOutUpRight size={14} />,
+						label: 'Open in Metric Explorer',
+						key: 'open-in-explorer',
+					},
+					{
+						icon: <Copy size={14} />,
+						label: 'Copy Value',
+						key: 'copy-value',
+					},
+				]}
+				onClick={(info): void => {
+					handleMenuItemClick(info.key, attribute);
+				}}
+			/>
+		),
+		[handleMenuItemClick],
+	);
+
+	const filteredAllValues = useMemo(
+		() =>
+			allValuesSearch
+				? filterValue.filter((v) =>
+						v.toLowerCase().includes(allValuesSearch.toLowerCase()),
+				  )
+				: filterValue,
+		[filterValue, allValuesSearch],
+	);
+
+	const allValuesPopoverContent = (
+		<div className="all-values-popover">
+			<Input
+				placeholder="Search values"
+				size="small"
+				prefix={<Search size={12} />}
+				value={allValuesSearch}
+				onChange={(e): void => setAllValuesSearch(e.target.value)}
+				allowClear
+			/>
+			<div className="all-values-list">
+				{allValuesOpen &&
+					filteredAllValues.map((attribute) => {
+						const isCopied = copiedValue === attribute;
+						return (
+							<div key={attribute} className="all-values-item">
+								<Typography.Text ellipsis className="all-values-item-text">
+									{attribute}
+								</Typography.Text>
+								<div className="all-values-item-actions">
+									<Tooltip title={isCopied ? 'Copied!' : 'Copy value'}>
+										<Button
+											type="text"
+											size="small"
+											className={isCopied ? 'copy-success' : ''}
+											icon={isCopied ? <Check size={12} /> : <Copy size={12} />}
+											onClick={(): void => {
+												handleCopyWithFeedback(attribute);
+											}}
+										/>
+									</Tooltip>
+									<Tooltip title="Open in Metric Explorer">
+										<Button
+											type="text"
+											size="small"
+											icon={<SquareArrowOutUpRight size={12} />}
+											onClick={(): void => {
+												goToMetricsExploreWithAppliedAttribute(filterKey, attribute);
+												setAllValuesOpen(false);
+											}}
+										/>
+									</Tooltip>
+								</div>
+							</div>
+						);
+					})}
+				{allValuesOpen && filteredAllValues.length === 0 && (
+					<Typography.Text type="secondary" className="all-values-empty">
+						No values found
+					</Typography.Text>
+				)}
+			</div>
+		</div>
+	);
+
+	return (
+		<div className="all-attributes-value">
+			{filterValue.slice(0, INITIAL_VISIBLE_COUNT).map((attribute) => (
+				<Popover
+					key={attribute}
+					content={attributePopoverContent(attribute)}
+					trigger="click"
+					overlayClassName="metric-details-popover attribute-value-popover-overlay"
+					open={attributePopoverKey === `${filterKey}-${attribute}`}
+					onOpenChange={(open): void => {
+						if (!open) {
+							setAttributePopoverKey(null);
+						} else {
+							setAttributePopoverKey(`${filterKey}-${attribute}`);
+						}
+					}}
+				>
+					<Button key={attribute} type="text">
+						<Typography.Text>{attribute}</Typography.Text>
+					</Button>
+				</Popover>
+			))}
+			{filterValue.length > INITIAL_VISIBLE_COUNT && (
+				<Popover
+					content={allValuesPopoverContent}
+					trigger="click"
+					open={allValuesOpen}
+					onOpenChange={(open): void => {
+						setAllValuesOpen(open);
+						if (!open) {
+							setAllValuesSearch('');
+							setCopiedValue(null);
+						}
+					}}
+					overlayClassName="metric-details-popover all-values-popover-overlay"
+				>
+					<Button type="text" className="all-values-button">
+						All values ({filterValue.length})
+					</Button>
+				</Popover>
+			)}
+		</div>
+	);
+}

frontend/src/container/MetricsExplorer/MetricDetails/Highlights.tsx

@@ -1,5 +1,5 @@
 import { Color } from '@signozhq/design-tokens';
-import { Button, Skeleton, Tooltip, Typography } from 'antd';
+import { Button, Spin, Tooltip, Typography } from 'antd';
 import { useGetMetricHighlights } from 'api/generated/services/metrics';
 import { InfoIcon } from 'lucide-react';
 
@@ -39,17 +39,6 @@ function Highlights({ metricName }: HighlightsProps): JSX.Element {
 		metricHighlights?.lastReceived,
 	);
 
-	if (isLoadingMetricHighlights) {
-		return (
-			<div
-				className="metric-details-content-grid"
-				data-testid="metric-highlights-loading-state"
-			>
-				<Skeleton title={false} paragraph={{ rows: 2 }} active />
-			</div>
-		);
-	}
-
 	if (isErrorMetricHighlights) {
 		return (
 			<div className="metric-details-content-grid">
@@ -89,32 +78,41 @@ function Highlights({ metricName }: HighlightsProps): JSX.Element {
 				</Typography.Text>
 			</div>
 			<div className="values-row">
-				<Typography.Text
-					className="metric-details-grid-value"
-					data-testid="metric-highlights-data-points"
-				>
-					<Tooltip title={metricHighlights?.dataPoints?.toLocaleString()}>
-						{formatNumberIntoHumanReadableFormat(metricHighlights?.dataPoints ?? 0)}
-					</Tooltip>
-				</Typography.Text>
-				<Typography.Text
-					className="metric-details-grid-value"
-					data-testid="metric-highlights-time-series-total"
-				>
-					<Tooltip
-						title="Active time series are those that have received data points in the last 1
-					hour."
-						placement="top"
-					>
-						<span>{`${timeSeriesTotal} total ⎯ ${timeSeriesActive} active`}</span>
-					</Tooltip>
-				</Typography.Text>
-				<Typography.Text
-					className="metric-details-grid-value"
-					data-testid="metric-highlights-last-received"
-				>
-					<Tooltip title={lastReceivedText}>{lastReceivedText}</Tooltip>
-				</Typography.Text>
+				{isLoadingMetricHighlights ? (
+					<div className="metric-highlights-loading-inline">
+						<Spin size="small" />
+						<Typography.Text type="secondary">Loading metric stats</Typography.Text>
+					</div>
+				) : (
+					<>
+						<Typography.Text
+							className="metric-details-grid-value"
+							data-testid="metric-highlights-data-points"
+						>
+							<Tooltip title={metricHighlights?.dataPoints?.toLocaleString()}>
+								{formatNumberIntoHumanReadableFormat(metricHighlights?.dataPoints ?? 0)}
+							</Tooltip>
+						</Typography.Text>
+						<Typography.Text
+							className="metric-details-grid-value"
+							data-testid="metric-highlights-time-series-total"
+						>
+							<Tooltip
+								title="Active time series are those that have received data points in the last 1
+							hour."
+								placement="top"
+							>
+								<span>{`${timeSeriesTotal} total ⎯ ${timeSeriesActive} active`}</span>
+							</Tooltip>
+						</Typography.Text>
+						<Typography.Text
+							className="metric-details-grid-value"
+							data-testid="metric-highlights-last-received"
+						>
+							<Tooltip title={lastReceivedText}>{lastReceivedText}</Tooltip>
+						</Typography.Text>
+					</>
+				)}
 			</div>
 		</div>
 	);

frontend/src/container/MetricsExplorer/MetricDetails/Metadata.tsx

@@ -1,6 +1,6 @@
 import { useCallback, useEffect, useMemo, useState } from 'react';
 import { useQueryClient } from 'react-query';
-import { Button, Collapse, Input, Select, Skeleton, Typography } from 'antd';
+import { Button, Collapse, Input, Select, Spin, Typography } from 'antd';
 import { ColumnsType } from 'antd/es/table';
 import logEvent from 'api/common/logEvent';
 import {
@@ -334,7 +334,7 @@ function Metadata({
 						e.stopPropagation();
 						setIsEditing(true);
 					}}
-					disabled={isUpdatingMetricsMetadata}
+					disabled={isUpdatingMetricsMetadata || isLoadingMetricMetadata}
 				>
 					<Edit2 size={14} />
 					<Typography.Text>Edit</Typography.Text>
@@ -345,6 +345,7 @@ function Metadata({
 		isEditing,
 		isErrorMetricMetadata,
 		isUpdatingMetricsMetadata,
+		isLoadingMetricMetadata,
 		cancelEdit,
 		handleSave,
 	]);
@@ -359,7 +360,11 @@ function Metadata({
 					</div>
 				),
 				key: 'metric-metadata',
-				children: isErrorMetricMetadata ? (
+				children: isLoadingMetricMetadata ? (
+					<div className="metrics-accordion-loading-state">
+						<Spin size="small" />
+					</div>
+				) : isErrorMetricMetadata ? (
 					<div className="metric-metadata-error-state">
 						<MetricDetailsErrorState
 							refetch={refetchMetricMetadata}
@@ -381,20 +386,13 @@ function Metadata({
 		[
 			actionButton,
 			columns,
+			isLoadingMetricMetadata,
 			isErrorMetricMetadata,
 			refetchMetricMetadata,
 			tableData,
 		],
 	);
 
-	if (isLoadingMetricMetadata) {
-		return (
-			<div className="metrics-metadata-skeleton-container">
-				<Skeleton active paragraph={{ rows: 8 }} />
-			</div>
-		);
-	}
-
 	return (
 		<Collapse
 			bordered

frontend/src/container/MetricsExplorer/MetricDetails/MetricDetails.styles.scss

@@ -52,6 +52,13 @@
 				align-items: center;
 			}
 
+			.metric-highlights-loading-inline {
+				grid-column: 1 / -1;
+				display: flex;
+				align-items: center;
+				gap: 8px;
+			}
+
 			.metric-highlights-error-state {
 				display: flex;
 				gap: 8px;
@@ -120,12 +127,11 @@
 			}
 		}
 
-		.metrics-metadata-skeleton-container {
-			height: 330px;
-		}
-
-		.all-attributes-skeleton-container {
-			height: 600px;
+		.metrics-accordion-loading-state {
+			display: flex;
+			justify-content: center;
+			align-items: center;
+			padding: 24px;
 		}
 
 		.metrics-accordion {
@@ -153,6 +159,18 @@
 				justify-content: space-between;
 				align-items: center;
 				height: 36px;
+
+				.all-attributes-header-title {
+					display: flex;
+					align-items: center;
+					gap: 6px;
+
+					.lucide-info {
+						cursor: pointer;
+						color: var(--bg-vanilla-400);
+					}
+				}
+
 				.ant-typography {
 					font-family: 'Geist Mono';
 					color: var(--bg-robin-400);
@@ -186,6 +204,7 @@
 					.all-attributes-key {
 						display: flex;
 						justify-content: space-between;
+						align-items: center;
 						.ant-btn {
 							.ant-typography:first-child {
 								font-family: 'Geist Mono';
@@ -193,17 +212,15 @@
 								background-color: transparent;
 							}
 						}
+						.copy-feedback {
+							display: inline-flex;
+							align-items: center;
+							color: var(--bg-forest-500);
+							animation: fade-in-out 1.5s ease-in-out;
+						}
 						.all-attributes-contribution {
 							font-family: 'Geist Mono';
 							color: var(--bg-vanilla-400);
-							background-color: rgba(171, 189, 255, 0.1);
-							height: 24px;
-							min-width: 24px;
-							border-radius: 50%;
-							text-align: center;
-							display: flex;
-							align-items: center;
-							justify-content: center;
 						}
 					}
 				}
@@ -259,10 +276,8 @@
 			}
 
 			.metric-metadata-key {
-				cursor: pointer;
 				padding-left: 10px;
 				vertical-align: middle;
-				text-align: center;
 				.field-renderer-container {
 					.label {
 						color: var(--bg-vanilla-400);
@@ -448,3 +463,138 @@
 	height: 100%;
 	width: 100%;
 }
+
+.attribute-key-popover-overlay {
+	.ant-popover-inner {
+		padding: 0 !important;
+		border-radius: 4px;
+		border: 1px solid var(--bg-slate-400);
+		background: linear-gradient(
+			139deg,
+			rgba(18, 19, 23, 0.8) 0%,
+			rgba(18, 19, 23, 0.9) 98.68%
+		);
+		box-shadow: 4px 10px 16px 2px rgba(0, 0, 0, 0.2);
+		backdrop-filter: blur(20px);
+	}
+
+	.ant-menu {
+		font-size: 12px;
+		background: transparent;
+
+		.ant-menu-item {
+			height: 32px;
+			line-height: 32px;
+			padding: 0 12px;
+			font-size: 12px;
+		}
+	}
+}
+
+.all-values-popover-overlay {
+	.ant-popover-inner {
+		padding: 0 !important;
+		border-radius: 4px;
+		border: 1px solid var(--bg-slate-400);
+		background: linear-gradient(
+			139deg,
+			rgba(18, 19, 23, 0.8) 0%,
+			rgba(18, 19, 23, 0.9) 98.68%
+		);
+		box-shadow: 4px 10px 16px 2px rgba(0, 0, 0, 0.2);
+		backdrop-filter: blur(20px);
+	}
+}
+
+.all-values-popover {
+	width: 320px;
+	display: flex;
+	flex-direction: column;
+	gap: 8px;
+	padding: 12px;
+
+	.all-values-list {
+		max-height: 300px;
+		overflow-y: auto;
+		display: flex;
+		flex-direction: column;
+		gap: 4px;
+
+		&::-webkit-scrollbar {
+			width: 2px;
+		}
+
+		&::-webkit-scrollbar-track {
+			background: transparent;
+		}
+
+		&::-webkit-scrollbar-thumb {
+			background: var(--bg-slate-300);
+			border-radius: 1px;
+		}
+	}
+
+	.all-values-item {
+		display: flex;
+		align-items: center;
+		justify-content: space-between;
+		padding: 4px 8px;
+		border-radius: 4px;
+		gap: 8px;
+
+		&:hover {
+			background: rgba(255, 255, 255, 0.04);
+		}
+
+		.all-values-item-text {
+			flex: 1;
+			min-width: 0;
+			font-family: 'Geist Mono';
+			font-size: 12px;
+		}
+
+		.all-values-item-actions {
+			display: flex;
+			gap: 2px;
+			flex-shrink: 0;
+
+			.copy-success {
+				color: var(--bg-forest-500);
+			}
+		}
+	}
+
+	.all-values-empty {
+		padding: 8px;
+		text-align: center;
+	}
+}
+
+.all-values-button {
+	color: var(--bg-robin-400) !important;
+}
+
+.lightMode {
+	.attribute-key-popover-overlay,
+	.all-values-popover-overlay {
+		.ant-popover-inner {
+			border: 1px solid var(--bg-vanilla-400);
+			background: var(--bg-vanilla-100) !important;
+		}
+	}
+}
+
+@keyframes fade-in-out {
+	0% {
+		opacity: 0;
+	}
+	15% {
+		opacity: 1;
+	}
+	85% {
+		opacity: 1;
+	}
+	100% {
+		opacity: 0;
+	}
+}

frontend/src/container/MetricsExplorer/MetricDetails/MetricDetails.tsx

@@ -1,10 +1,14 @@
 import { useCallback, useEffect, useMemo } from 'react';
+// eslint-disable-next-line no-restricted-imports
+import { useSelector } from 'react-redux';
 import { Color } from '@signozhq/design-tokens';
 import { Button, Divider, Drawer, Typography } from 'antd';
 import logEvent from 'api/common/logEvent';
 import { useGetMetricMetadata } from 'api/generated/services/metrics';
 import { useIsDarkMode } from 'hooks/useDarkMode';
 import { Compass, Crosshair, X } from 'lucide-react';
+import { AppState } from 'store/reducers';
+import { GlobalReducer } from 'types/reducer/globalTime';
 
 import { PANEL_TYPES } from '../../../constants/queryBuilder';
 import ROUTES from '../../../constants/routes';
@@ -29,6 +33,9 @@ function MetricDetails({
 }: MetricDetailsProps): JSX.Element {
 	const isDarkMode = useIsDarkMode();
 	const { handleExplorerTabChange } = useHandleExplorerTabChange();
+	const { maxTime, minTime } = useSelector<AppState, GlobalReducer>(
+		(state) => state.globalTime,
+	);
 
 	const {
 		data: metricMetadataResponse,
@@ -100,6 +107,21 @@ function MetricDetails({
 	const isActionButtonDisabled =
 		!metricName || isLoadingMetricMetadata || isErrorMetricMetadata;
 
+	const handleDrawerClose = useCallback(
+		(e: React.MouseEvent | React.KeyboardEvent): void => {
+			if ('key' in e && e.key === 'Escape') {
+				const openPopover = document.querySelector(
+					'.metric-details-popover:not(.ant-popover-hidden)',
+				);
+				if (openPopover) {
+					return;
+				}
+			}
+			onClose();
+		},
+		[onClose],
+	);
+
 	return (
 		<Drawer
 			width="60%"
@@ -137,7 +159,7 @@ function MetricDetails({
 				</div>
 			}
 			placement="right"
-			onClose={onClose}
+			onClose={handleDrawerClose}
 			open={isOpen}
 			style={{
 				overscrollBehavior: 'contain',
@@ -157,7 +179,12 @@ function MetricDetails({
 					isLoadingMetricMetadata={isLoadingMetricMetadata}
 					refetchMetricMetadata={refetchMetricMetadata}
 				/>
-				<AllAttributes metricName={metricName} metricType={metadata?.type} />
+				<AllAttributes
+					metricName={metricName}
+					metricType={metadata?.type}
+					minTime={minTime}
+					maxTime={maxTime}
+				/>
 			</div>
 		</Drawer>
 	);

frontend/src/container/MetricsExplorer/MetricDetails/__tests__/AllAttributes.test.tsx

@@ -1,12 +1,11 @@
-import * as reactUseHooks from 'react-use';
 import { render, screen } from '@testing-library/react';
 import * as metricsExplorerHooks from 'api/generated/services/metrics';
 import { MetrictypesTypeDTO } from 'api/generated/services/sigNoz.schemas';
-import * as useHandleExplorerTabChange from 'hooks/useHandleExplorerTabChange';
 import { userEvent } from 'tests/test-utils';
 
 import ROUTES from '../../../../constants/routes';
-import AllAttributes, { AllAttributesValue } from '../AllAttributes';
+import AllAttributes from '../AllAttributes';
+import { AllAttributesValue } from '../AllAttributesValue';
 import { getMockMetricAttributesData, MOCK_METRIC_NAME } from './testUtlls';
 
 jest.mock('react-router-dom', () => ({
@@ -15,17 +14,6 @@ jest.mock('react-router-dom', () => ({
 		pathname: `${ROUTES.METRICS_EXPLORER}`,
 	}),
 }));
-const mockHandleExplorerTabChange = jest.fn();
-jest
-	.spyOn(useHandleExplorerTabChange, 'useHandleExplorerTabChange')
-	.mockReturnValue({
-		handleExplorerTabChange: mockHandleExplorerTabChange,
-	});
-
-const mockUseCopyToClipboard = jest.fn();
-jest
-	.spyOn(reactUseHooks, 'useCopyToClipboard')
-	.mockReturnValue([{ value: 'value1' }, mockUseCopyToClipboard] as any);
 
 const useGetMetricAttributesMock = jest.spyOn(
 	metricsExplorerHooks,
@@ -34,12 +22,13 @@ const useGetMetricAttributesMock = jest.spyOn(
 
 describe('AllAttributes', () => {
 	beforeEach(() => {
+		jest.clearAllMocks();
 		useGetMetricAttributesMock.mockReturnValue({
 			...getMockMetricAttributesData(),
 		});
 	});
 
-	it('renders attributes section with title', () => {
+	it('renders attribute keys, values, and value counts from API data', () => {
 		render(
 			<AllAttributes
 				metricName={MOCK_METRIC_NAME}
@@ -47,39 +36,13 @@ describe('AllAttributes', () => {
 			/>,
 		);
 
-		expect(screen.getByText('All Attributes')).toBeInTheDocument();
-	});
-
-	it('renders all attribute keys and values', () => {
-		render(
-			<AllAttributes
-				metricName={MOCK_METRIC_NAME}
-				metricType={MetrictypesTypeDTO.gauge}
-			/>,
-		);
-
-		// Check attribute keys are rendered
 		expect(screen.getByText('attribute1')).toBeInTheDocument();
 		expect(screen.getByText('attribute2')).toBeInTheDocument();
-
-		// Check attribute values are rendered
 		expect(screen.getByText('value1')).toBeInTheDocument();
 		expect(screen.getByText('value2')).toBeInTheDocument();
 		expect(screen.getByText('value3')).toBeInTheDocument();
 	});
 
-	it('renders value counts correctly', () => {
-		render(
-			<AllAttributes
-				metricName={MOCK_METRIC_NAME}
-				metricType={MetrictypesTypeDTO.gauge}
-			/>,
-		);
-
-		expect(screen.getByText('2')).toBeInTheDocument(); // For attribute1
-		expect(screen.getByText('1')).toBeInTheDocument(); // For attribute2
-	});
-
 	it('handles empty attributes array', () => {
 		useGetMetricAttributesMock.mockReturnValue({
 			...getMockMetricAttributesData({
@@ -100,7 +63,7 @@ describe('AllAttributes', () => {
 		expect(screen.getByText('No attributes found')).toBeInTheDocument();
 	});
 
-	it('clicking on an attribute key opens the explorer with the attribute filter applied', async () => {
+	it('clicking on an attribute key shows popover with Open in Metric Explorer option', async () => {
 		render(
 			<AllAttributes
 				metricName={MOCK_METRIC_NAME}
@@ -108,7 +71,8 @@ describe('AllAttributes', () => {
 			/>,
 		);
 		await userEvent.click(screen.getByText('attribute1'));
-		expect(mockHandleExplorerTabChange).toHaveBeenCalled();
+		expect(screen.getByText('Open in Metric Explorer')).toBeInTheDocument();
+		expect(screen.getByText('Copy Key')).toBeInTheDocument();
 	});
 
 	it('filters attributes based on search input', async () => {
@@ -123,26 +87,66 @@ describe('AllAttributes', () => {
 		expect(screen.getByText('attribute1')).toBeInTheDocument();
 		expect(screen.getByText('value1')).toBeInTheDocument();
 	});
+
+	it('shows error state when attribute fetching fails', () => {
+		useGetMetricAttributesMock.mockReturnValue({
+			...getMockMetricAttributesData(
+				{
+					data: {
+						attributes: [],
+						totalKeys: 0,
+					},
+				},
+				{
+					isError: true,
+				},
+			),
+		});
+		render(
+			<AllAttributes
+				metricName={MOCK_METRIC_NAME}
+				metricType={MetrictypesTypeDTO.gauge}
+			/>,
+		);
+
+		expect(
+			screen.getByText('Something went wrong while fetching attributes'),
+		).toBeInTheDocument();
+	});
+
+	it('does not show misleading empty text while loading', () => {
+		useGetMetricAttributesMock.mockReturnValue({
+			...getMockMetricAttributesData(
+				{
+					data: {
+						attributes: [],
+						totalKeys: 0,
+					},
+				},
+				{
+					isLoading: true,
+				},
+			),
+		});
+		render(
+			<AllAttributes
+				metricName={MOCK_METRIC_NAME}
+				metricType={MetrictypesTypeDTO.gauge}
+			/>,
+		);
+
+		expect(screen.queryByText('No attributes found')).not.toBeInTheDocument();
+	});
 });
 
 describe('AllAttributesValue', () => {
 	const mockGoToMetricsExploreWithAppliedAttribute = jest.fn();
 
-	it('renders all attribute values', () => {
-		render(
-			<AllAttributesValue
-				filterKey="attribute1"
-				filterValue={['value1', 'value2']}
-				goToMetricsExploreWithAppliedAttribute={
-					mockGoToMetricsExploreWithAppliedAttribute
-				}
-			/>,
-		);
-		expect(screen.getByText('value1')).toBeInTheDocument();
-		expect(screen.getByText('value2')).toBeInTheDocument();
+	beforeEach(() => {
+		jest.clearAllMocks();
 	});
 
-	it('loads more attributes when show more button is clicked', async () => {
+	it('shows All values button when there are more than 5 values', () => {
 		render(
 			<AllAttributesValue
 				filterKey="attribute1"
@@ -153,58 +157,59 @@ describe('AllAttributesValue', () => {
 			/>,
 		);
 		expect(screen.queryByText('value6')).not.toBeInTheDocument();
-		await userEvent.click(screen.getByText('Show More'));
-		expect(screen.getByText('value6')).toBeInTheDocument();
+		expect(screen.getByText('All values (6)')).toBeInTheDocument();
 	});
 
-	it('does not render show more button when there are no more attributes to show', () => {
-		render(
-			<AllAttributesValue
-				filterKey="attribute1"
-				filterValue={['value1', 'value2']}
-				goToMetricsExploreWithAppliedAttribute={
-					mockGoToMetricsExploreWithAppliedAttribute
-				}
-			/>,
-		);
-		expect(screen.queryByText('Show More')).not.toBeInTheDocument();
-	});
-
-	it('copy button should copy the attribute value to the clipboard', async () => {
-		render(
-			<AllAttributesValue
-				filterKey="attribute1"
-				filterValue={['value1', 'value2']}
-				goToMetricsExploreWithAppliedAttribute={
-					mockGoToMetricsExploreWithAppliedAttribute
-				}
-			/>,
-		);
-		expect(screen.getByText('value1')).toBeInTheDocument();
-		await userEvent.click(screen.getByText('value1'));
-		expect(screen.getByText('Copy Attribute')).toBeInTheDocument();
-		await userEvent.click(screen.getByText('Copy Attribute'));
-		expect(mockUseCopyToClipboard).toHaveBeenCalledWith('value1');
-	});
-
-	it('explorer button should go to metrics explore with the attribute filter applied', async () => {
-		render(
-			<AllAttributesValue
-				filterKey="attribute1"
-				filterValue={['value1', 'value2']}
-				goToMetricsExploreWithAppliedAttribute={
-					mockGoToMetricsExploreWithAppliedAttribute
-				}
-			/>,
-		);
-		expect(screen.getByText('value1')).toBeInTheDocument();
-		await userEvent.click(screen.getByText('value1'));
-
-		expect(screen.getByText('Open in Explorer')).toBeInTheDocument();
-		await userEvent.click(screen.getByText('Open in Explorer'));
-		expect(mockGoToMetricsExploreWithAppliedAttribute).toHaveBeenCalledWith(
-			'attribute1',
+	it('All values popover shows values beyond the initial 5', async () => {
+		const values = [
 			'value1',
+			'value2',
+			'value3',
+			'value4',
+			'value5',
+			'value6',
+			'value7',
+		];
+		render(
+			<AllAttributesValue
+				filterKey="attribute1"
+				filterValue={values}
+				goToMetricsExploreWithAppliedAttribute={
+					mockGoToMetricsExploreWithAppliedAttribute
+				}
+			/>,
 		);
+
+		await userEvent.click(screen.getByText('All values (7)'));
+
+		expect(screen.getByText('value6')).toBeInTheDocument();
+		expect(screen.getByText('value7')).toBeInTheDocument();
+	});
+
+	it('All values popover search filters the value list', async () => {
+		const values = [
+			'alpha',
+			'bravo',
+			'charlie',
+			'delta',
+			'echo',
+			'fig-special',
+			'golf-target',
+		];
+		render(
+			<AllAttributesValue
+				filterKey="attribute1"
+				filterValue={values}
+				goToMetricsExploreWithAppliedAttribute={
+					mockGoToMetricsExploreWithAppliedAttribute
+				}
+			/>,
+		);
+
+		await userEvent.click(screen.getByText('All values (7)'));
+		await userEvent.type(screen.getByPlaceholderText('Search values'), 'golf');
+
+		expect(screen.getByText('golf-target')).toBeInTheDocument();
+		expect(screen.queryByText('fig-special')).not.toBeInTheDocument();
 	});
 });

frontend/src/container/MetricsExplorer/MetricDetails/__tests__/Highlights.test.tsx

@@ -48,7 +48,7 @@ describe('Highlights', () => {
 		).toBeInTheDocument();
 	});
 
-	it('should render loading state when data is loading', () => {
+	it('should show labels and loading text but not stale data values while loading', () => {
 		useGetMetricHighlightsMock.mockReturnValue(
 			getMockMetricHighlightsData(
 				{},
@@ -60,8 +60,19 @@ describe('Highlights', () => {
 
 		render(<Highlights metricName={MOCK_METRIC_NAME} />);
 
+		expect(screen.getByText('SAMPLES')).toBeInTheDocument();
+		expect(screen.getByText('TIME SERIES')).toBeInTheDocument();
+		expect(screen.getByText('LAST RECEIVED')).toBeInTheDocument();
+		expect(screen.getByText('Loading metric stats')).toBeInTheDocument();
+
 		expect(
-			screen.getByTestId('metric-highlights-loading-state'),
-		).toBeInTheDocument();
+			screen.queryByTestId('metric-highlights-data-points'),
+		).not.toBeInTheDocument();
+		expect(
+			screen.queryByTestId('metric-highlights-time-series-total'),
+		).not.toBeInTheDocument();
+		expect(
+			screen.queryByTestId('metric-highlights-last-received'),
+		).not.toBeInTheDocument();
 	});
 });

frontend/src/container/MetricsExplorer/MetricDetails/__tests__/Metadata.test.tsx

@@ -324,6 +324,22 @@ describe('Metadata', () => {
 		expect(editButton2).toBeInTheDocument();
 	});
 
+	it('should show section header with disabled edit while loading', () => {
+		render(
+			<Metadata
+				metricName={MOCK_METRIC_NAME}
+				metadata={null}
+				isErrorMetricMetadata={false}
+				isLoadingMetricMetadata
+				refetchMetricMetadata={mockRefetchMetricMetadata}
+			/>,
+		);
+
+		expect(screen.getByText('Metadata')).toBeInTheDocument();
+		const editButton = screen.getByText('Edit').closest('button');
+		expect(editButton).toBeDisabled();
+	});
+
 	it('should not allow editing of unit if it is already set', async () => {
 		render(
 			<Metadata

frontend/src/container/MetricsExplorer/MetricDetails/__tests__/MetricDetails.test.tsx

@@ -24,6 +24,13 @@ jest.mock('react-router-dom', () => ({
 		pathname: `${ROUTES.METRICS_EXPLORER}`,
 	}),
 }));
+jest.mock('react-redux', () => ({
+	...jest.requireActual('react-redux'),
+	useSelector: jest.fn().mockReturnValue({
+		maxTime: 1700000000000000000,
+		minTime: 1699900000000000000,
+	}),
+}));
 jest.mock('hooks/useSafeNavigate', () => ({
 	useSafeNavigate: (): any => ({
 		safeNavigate: jest.fn(),

frontend/src/container/MetricsExplorer/MetricDetails/types.ts

@@ -34,6 +34,8 @@ export interface MetadataProps {
 export interface AllAttributesProps {
 	metricName: string;
 	metricType: MetrictypesTypeDTO | undefined;
+	minTime?: number;
+	maxTime?: number;
 }
 
 export interface AllAttributesValueProps {

frontend/src/container/MetricsExplorer/MetricDetails/utils.tsx

@@ -87,6 +87,7 @@ export function getMetricDetailsQuery(
 	metricType: MetrictypesTypeDTO | undefined,
 	filter?: { key: string; value: string },
 	groupBy?: string,
+	limit?: number,
 ): Query {
 	let timeAggregation;
 	let spaceAggregation;
@@ -170,6 +171,7 @@ export function getMetricDetailsQuery(
 								},
 						  ]
 						: [],
+					...(limit ? { limit } : {}),
 				},
 			],
 			queryFormulas: [],

frontend/src/container/MetricsExplorer/Summary/MetricsSearch.tsx

@@ -1,9 +1,7 @@
 import { useCallback } from 'react';
-import { Tooltip } from 'antd';
 import QuerySearch from 'components/QueryBuilderV2/QueryV2/QuerySearch/QuerySearch';
 import RunQueryBtn from 'container/QueryBuilder/components/RunQueryBtn/RunQueryBtn';
 import DateTimeSelectionV2 from 'container/TopNav/DateTimeSelectionV2';
-import { Info } from 'lucide-react';
 import { DataSource } from 'types/common/queryBuilder';
 
 import { MetricsSearchProps } from './types';
@@ -26,15 +24,17 @@ function MetricsSearch({
 		onChange(currentQueryFilterExpression);
 	}, [currentQueryFilterExpression, onChange]);
 
+	const handleRunQuery = useCallback(
+		(expression: string): void => {
+			setCurrentQueryFilterExpression(expression);
+			onChange(expression);
+		},
+		[setCurrentQueryFilterExpression, onChange],
+	);
+
 	return (
 		<div className="metrics-search-container">
 			<div data-testid="qb-search-container" className="qb-search-container">
-				<Tooltip
-					title="Use filters to refine metrics based on attributes. Example: service_name=api - Shows all metrics associated with the API service"
-					placement="right"
-				>
-					<Info size={16} />
-				</Tooltip>
 				<QuerySearch
 					onChange={handleOnChange}
 					dataSource={DataSource.METRICS}
@@ -45,8 +45,9 @@ function MetricsSearch({
 							expression: currentQueryFilterExpression,
 						},
 					}}
-					onRun={handleOnChange}
+					onRun={handleRunQuery}
 					showFilterSuggestionsWithoutMetric
+					placeholder="Try metric_name CONTAINS 'http.server' to view all HTTP Server metrics being sent"
 				/>
 			</div>
 			<RunQueryBtn

frontend/src/container/MetricsExplorer/Summary/Summary.styles.scss

@@ -37,7 +37,7 @@
 
 	.metrics-search-container {
 		display: flex;
-		gap: 16px;
+		gap: 8px;
 		align-items: center;
 
 		.metrics-search-options {
@@ -51,10 +51,6 @@
 			gap: 8px;
 			flex: 1;
 
-			.lucide-info {
-				cursor: pointer;
-			}
-
 			.query-builder-search-container {
 				width: 100%;
 			}
@@ -66,8 +62,6 @@
 			margin-left: -16px;
 			margin-right: -16px;
 
-			max-height: 500px;
-			overflow-y: auto;
 			.ant-table-thead > tr > th {
 				padding: 12px;
 				font-weight: 500;

frontend/src/container/MetricsExplorer/Summary/Summary.tsx

@@ -15,13 +15,12 @@ import {
 	Querybuildertypesv5OrderByDTO,
 	Querybuildertypesv5OrderDirectionDTO,
 } from 'api/generated/services/sigNoz.schemas';
-import {
-	convertExpressionToFilters,
-	convertFiltersToExpression,
-} from 'components/QueryBuilderV2/utils';
+import { convertExpressionToFilters } from 'components/QueryBuilderV2/utils';
+import { initialQueriesMap } from 'constants/queryBuilder';
 import { usePageSize } from 'container/InfraMonitoringK8s/utils';
 import NoLogs from 'container/NoLogs/NoLogs';
 import { useQueryBuilder } from 'hooks/queryBuilder/useQueryBuilder';
+import { useShareBuilderUrl } from 'hooks/queryBuilder/useShareBuilderUrl';
 import ErrorBoundaryFallback from 'pages/ErrorBoundaryFallback/ErrorBoundaryFallback';
 import { AppState } from 'store/reducers';
 import { TagFilter } from 'types/api/queryBuilder/queryBuilderData';
@@ -61,10 +60,13 @@ function Summary(): JSX.Element {
 		heatmapView,
 		setHeatmapView,
 	] = useState<MetricsexplorertypesTreemapModeDTO>(
-		MetricsexplorertypesTreemapModeDTO.timeseries,
+		MetricsexplorertypesTreemapModeDTO.samples,
 	);
 
 	const { currentQuery, redirectWithQueryBuilderData } = useQueryBuilder();
+
+	useShareBuilderUrl({ defaultValue: initialQueriesMap[DataSource.METRICS] });
+
 	const query = useMemo(() => currentQuery?.builder?.queryData[0], [
 		currentQuery,
 	]);
@@ -89,6 +91,15 @@ function Summary(): JSX.Element {
 		setCurrentQueryFilterExpression,
 	] = useState<string>(query?.filter?.expression || '');
 
+	const [appliedFilterExpression, setAppliedFilterExpression] = useState(
+		query?.filter?.expression || '',
+	);
+
+	const queryFilterExpression = useMemo(
+		() => ({ expression: appliedFilterExpression }),
+		[appliedFilterExpression],
+	);
+
 	useEffect(() => {
 		logEvent(MetricsExplorerEvents.TabChanged, {
 			[MetricsExplorerEventKeys.Tab]: 'summary',
@@ -100,11 +111,6 @@ function Summary(): JSX.Element {
 		// eslint-disable-next-line react-hooks/exhaustive-deps
 	}, []);
 
-	const queryFilterExpression = useMemo(() => {
-		const filters = query.filters || { items: [], op: 'AND' };
-		return convertFiltersToExpression(filters);
-	}, [query.filters]);
-
 	const metricsListQuery: MetricsexplorertypesStatsRequestDTO = useMemo(() => {
 		return {
 			start: convertNanoToMilliseconds(minTime),
@@ -187,6 +193,7 @@ function Summary(): JSX.Element {
 				},
 			});
 			setCurrentQueryFilterExpression(expression);
+			setAppliedFilterExpression(expression);
 			setCurrentPage(1);
 			if (expression) {
 				logEvent(MetricsExplorerEvents.FilterApplied, {

frontend/src/container/RolesSettings/PermissionSidePanel/PermissionSidePanel.styles.scss

@@ -0,0 +1,315 @@
+.permission-side-panel-backdrop {
+	position: fixed;
+	inset: 0;
+	z-index: 100;
+	background: transparent;
+}
+
+.permission-side-panel {
+	position: fixed;
+	top: 0;
+	right: 0;
+	bottom: 0;
+	z-index: 101;
+	width: 720px;
+	display: flex;
+	flex-direction: column;
+	background: var(--l2-background);
+	border-left: 1px solid var(--l2-border);
+	box-shadow: -4px 10px 16px 2px rgba(0, 0, 0, 0.2);
+
+	&__header {
+		display: flex;
+		align-items: center;
+		gap: 16px;
+		flex-shrink: 0;
+		height: 48px;
+		padding: 0 16px;
+		background: var(--l2-background);
+		border-bottom: 1px solid var(--l2-border);
+	}
+
+	&__close {
+		width: 16px;
+		height: 16px;
+		padding: 0;
+		color: var(--foreground);
+		flex-shrink: 0;
+
+		&:hover {
+			color: var(--text-base-white);
+		}
+	}
+
+	&__header-divider {
+		display: block;
+		width: 1px;
+		height: 16px;
+		background: var(--l2-border);
+		flex-shrink: 0;
+	}
+
+	&__title {
+		font-family: Inter;
+		font-size: 14px;
+		font-weight: 400;
+		line-height: 20px;
+		letter-spacing: -0.07px;
+		color: var(--foreground);
+	}
+
+	&__content {
+		flex: 1;
+		overflow-y: auto;
+		padding: 12px 15px;
+	}
+
+	&__resource-list {
+		display: flex;
+		flex-direction: column;
+		border: 1px solid var(--l2-border);
+		border-radius: 4px;
+		overflow: hidden;
+	}
+
+	&__footer {
+		display: flex;
+		align-items: center;
+		justify-content: flex-end;
+		flex-shrink: 0;
+		height: 56px;
+		padding: 0 16px;
+		gap: 12px;
+		background: var(--l2-background);
+		border-top: 1px solid var(--l2-border);
+	}
+
+	&__unsaved {
+		display: flex;
+		align-items: center;
+		gap: 8px;
+		margin-right: auto;
+	}
+
+	&__unsaved-dot {
+		display: block;
+		width: 6px;
+		height: 6px;
+		border-radius: 50px;
+		background: var(--primary);
+		box-shadow: 0px 0px 6px 0px rgba(78, 116, 248, 0.4);
+		flex-shrink: 0;
+	}
+
+	&__unsaved-text {
+		font-family: Inter;
+		font-size: 14px;
+		font-weight: 400;
+		line-height: 24px;
+		letter-spacing: -0.07px;
+		color: var(--primary);
+	}
+
+	&__footer-actions {
+		display: flex;
+		align-items: center;
+		gap: 12px;
+	}
+}
+
+.psp-resource {
+	display: flex;
+	flex-direction: column;
+	border-bottom: 1px solid var(--l2-border);
+
+	&:last-child {
+		border-bottom: none;
+	}
+
+	&__row {
+		display: flex;
+		align-items: center;
+		justify-content: space-between;
+		padding: 12px 16px;
+		cursor: pointer;
+		transition: background 0.15s ease;
+
+		&--expanded {
+			background: rgba(171, 189, 255, 0.04);
+		}
+
+		&:hover {
+			background: rgba(171, 189, 255, 0.03);
+		}
+	}
+
+	&__left {
+		display: flex;
+		align-items: center;
+		gap: 16px;
+	}
+
+	&__chevron {
+		display: flex;
+		align-items: center;
+		justify-content: center;
+		width: 14px;
+		height: 14px;
+		color: var(--foreground);
+		flex-shrink: 0;
+	}
+
+	&__label {
+		font-family: Inter;
+		font-size: 14px;
+		font-weight: 400;
+		line-height: 20px;
+		letter-spacing: -0.07px;
+		color: var(--text-base-white);
+		text-transform: capitalize;
+	}
+
+	&__body {
+		display: flex;
+		flex-direction: column;
+		gap: 2px;
+		padding: 8px 0 8px 44px;
+		background: rgba(171, 189, 255, 0.04);
+	}
+
+	&__radio-group {
+		display: flex;
+		flex-direction: column;
+		gap: 2px;
+	}
+
+	&__radio-item {
+		display: flex;
+		align-items: center;
+		gap: 8px;
+		padding: 6px 0;
+
+		label {
+			font-family: Inter;
+			font-size: 14px;
+			font-weight: 400;
+			line-height: 20px;
+			letter-spacing: -0.07px;
+			color: var(--text-base-white);
+			cursor: pointer;
+		}
+	}
+
+	&__select-wrapper {
+		padding: 6px 16px 4px 24px;
+	}
+
+	&__select {
+		width: 100%;
+
+		// todo: https://github.com/SigNoz/components/issues/116
+		.ant-select-selector {
+			background: var(--l2-background) !important;
+			border: 1px solid var(--border) !important;
+			border-radius: 2px !important;
+			padding: 4px 6px !important;
+			min-height: 32px !important;
+			box-shadow: none !important;
+
+			&:hover,
+			&:focus-within {
+				border-color: var(--input) !important;
+				box-shadow: none !important;
+			}
+		}
+
+		.ant-select-selection-placeholder {
+			font-family: Inter;
+			font-size: 14px;
+			font-weight: 400;
+			color: var(--foreground);
+			opacity: 0.4;
+		}
+
+		.ant-select-selection-item {
+			background: var(--input) !important;
+			border: none !important;
+			border-radius: 2px !important;
+			padding: 0 6px !important;
+			font-family: Inter;
+			font-size: 14px;
+			font-weight: 400;
+			line-height: 20px;
+			color: var(--text-base-white) !important;
+			height: auto !important;
+		}
+
+		.ant-select-selection-item-remove {
+			color: var(--foreground) !important;
+			display: flex;
+			align-items: center;
+		}
+
+		.ant-select-arrow {
+			color: var(--foreground);
+		}
+	}
+
+	&__select-popup {
+		.ant-select-item {
+			font-family: Inter;
+			font-size: 14px;
+			font-weight: 400;
+			color: var(--foreground);
+			background: var(--l2-background);
+
+			&-option-selected {
+				background: var(--border) !important;
+				color: var(--text-base-white) !important;
+			}
+
+			&-option-active {
+				background: var(--l2-background-hover) !important;
+			}
+		}
+
+		.ant-select-dropdown {
+			background: var(--l2-background);
+			border: 1px solid var(--border);
+			border-radius: 2px;
+			padding: 4px 0;
+		}
+	}
+}
+
+.lightMode {
+	.permission-side-panel {
+		&__close {
+			&:hover {
+				color: var(--text-base-black);
+			}
+		}
+	}
+
+	.psp-resource {
+		&__label {
+			color: var(--text-base-black);
+		}
+
+		&__radio-item label {
+			color: var(--text-base-black);
+		}
+
+		&__select .ant-select-selection-item {
+			color: var(--text-base-black) !important;
+		}
+	}
+
+	.psp-resource__select-popup {
+		.ant-select-item {
+			&-option-selected {
+				color: var(--text-base-black) !important;
+			}
+		}
+	}
+}

frontend/src/container/RolesSettings/PermissionSidePanel/PermissionSidePanel.tsx

@@ -0,0 +1,294 @@
+import { useCallback, useEffect, useMemo, useState } from 'react';
+import { Button } from '@signozhq/button';
+import { ChevronDown, ChevronRight, X } from '@signozhq/icons';
+import {
+	RadioGroup,
+	RadioGroupItem,
+	RadioGroupLabel,
+} from '@signozhq/radio-group';
+import { Select, Skeleton } from 'antd';
+
+import {
+	buildConfig,
+	configsEqual,
+	DEFAULT_RESOURCE_CONFIG,
+	isResourceConfigEqual,
+} from '../utils';
+import type {
+	PermissionConfig,
+	PermissionSidePanelProps,
+	ResourceConfig,
+	ResourceDefinition,
+	ScopeType,
+} from './PermissionSidePanel.types';
+import { PermissionScope } from './PermissionSidePanel.types';
+
+import './PermissionSidePanel.styles.scss';
+
+interface ResourceRowProps {
+	resource: ResourceDefinition;
+	config: ResourceConfig;
+	isExpanded: boolean;
+	onToggleExpand: (id: string) => void;
+	onScopeChange: (id: string, scope: ScopeType) => void;
+	onSelectedIdsChange: (id: string, ids: string[]) => void;
+}
+
+function ResourceRow({
+	resource,
+	config,
+	isExpanded,
+	onToggleExpand,
+	onScopeChange,
+	onSelectedIdsChange,
+}: ResourceRowProps): JSX.Element {
+	return (
+		<div className="psp-resource">
+			<div
+				className={`psp-resource__row${
+					isExpanded ? ' psp-resource__row--expanded' : ''
+				}`}
+				role="button"
+				tabIndex={0}
+				onClick={(): void => onToggleExpand(resource.id)}
+				onKeyDown={(e): void => {
+					if (e.key === 'Enter' || e.key === ' ') {
+						onToggleExpand(resource.id);
+					}
+				}}
+			>
+				<div className="psp-resource__left">
+					<span className="psp-resource__chevron">
+						{isExpanded ? <ChevronDown size={14} /> : <ChevronRight size={14} />}
+					</span>
+					<span className="psp-resource__label">{resource.label}</span>
+				</div>
+			</div>
+
+			{isExpanded && (
+				<div className="psp-resource__body">
+					<RadioGroup
+						value={config.scope}
+						onValueChange={(val): void =>
+							onScopeChange(resource.id, val as ScopeType)
+						}
+						className="psp-resource__radio-group"
+					>
+						<div className="psp-resource__radio-item">
+							<RadioGroupItem
+								value={PermissionScope.ALL}
+								id={`${resource.id}-all`}
+								color="robin"
+							/>
+							<RadioGroupLabel htmlFor={`${resource.id}-all`}>All</RadioGroupLabel>
+						</div>
+
+						<div className="psp-resource__radio-item">
+							<RadioGroupItem
+								value={PermissionScope.ONLY_SELECTED}
+								id={`${resource.id}-only-selected`}
+								color="robin"
+							/>
+							<RadioGroupLabel htmlFor={`${resource.id}-only-selected`}>
+								Only selected
+							</RadioGroupLabel>
+						</div>
+					</RadioGroup>
+
+					{config.scope === PermissionScope.ONLY_SELECTED && (
+						<div className="psp-resource__select-wrapper">
+							{/* TODO: right now made to only accept user input, we need to give it proper resource based value fetching from APIs */}
+							<Select
+								mode="tags"
+								value={config.selectedIds}
+								onChange={(vals: string[]): void =>
+									onSelectedIdsChange(resource.id, vals)
+								}
+								options={resource.options ?? []}
+								placeholder="Select resources..."
+								className="psp-resource__select"
+								popupClassName="psp-resource__select-popup"
+								showSearch
+								filterOption={(input, option): boolean =>
+									String(option?.label ?? '')
+										.toLowerCase()
+										.includes(input.toLowerCase())
+								}
+							/>
+						</div>
+					)}
+				</div>
+			)}
+		</div>
+	);
+}
+
+function PermissionSidePanel({
+	open,
+	onClose,
+	permissionLabel,
+	resources,
+	initialConfig,
+	isLoading = false,
+	isSaving = false,
+	onSave,
+}: PermissionSidePanelProps): JSX.Element | null {
+	const [config, setConfig] = useState<PermissionConfig>(() =>
+		buildConfig(resources, initialConfig),
+	);
+	const [expandedIds, setExpandedIds] = useState<Set<string>>(new Set());
+
+	useEffect(() => {
+		if (open) {
+			setConfig(buildConfig(resources, initialConfig));
+			setExpandedIds(new Set());
+		}
+	}, [open, resources, initialConfig]);
+
+	const savedConfig = useMemo(() => buildConfig(resources, initialConfig), [
+		resources,
+		initialConfig,
+	]);
+
+	const unsavedCount = useMemo(() => {
+		if (configsEqual(config, savedConfig)) {
+			return 0;
+		}
+		return Object.keys(config).filter(
+			(id) => !isResourceConfigEqual(config[id], savedConfig[id]),
+		).length;
+	}, [config, savedConfig]);
+
+	const updateResource = useCallback(
+		(id: string, patch: Partial<ResourceConfig>): void => {
+			setConfig((prev) => ({
+				...prev,
+				[id]: { ...prev[id], ...patch },
+			}));
+		},
+		[],
+	);
+
+	const handleToggleExpand = useCallback((id: string): void => {
+		setExpandedIds((prev) => {
+			const next = new Set(prev);
+			if (next.has(id)) {
+				next.delete(id);
+			} else {
+				next.add(id);
+			}
+			return next;
+		});
+	}, []);
+
+	const handleScopeChange = useCallback(
+		(id: string, scope: ScopeType): void => {
+			updateResource(id, { scope, selectedIds: [] });
+		},
+		[updateResource],
+	);
+
+	const handleSelectedIdsChange = useCallback(
+		(id: string, ids: string[]): void => {
+			updateResource(id, { selectedIds: ids });
+		},
+		[updateResource],
+	);
+
+	const handleSave = useCallback((): void => {
+		onSave(config);
+	}, [config, onSave]);
+
+	const handleDiscard = useCallback((): void => {
+		setConfig(buildConfig(resources, initialConfig));
+		setExpandedIds(new Set());
+	}, [resources, initialConfig]);
+
+	if (!open) {
+		return null;
+	}
+
+	return (
+		<>
+			<div
+				className="permission-side-panel-backdrop"
+				role="presentation"
+				onClick={onClose}
+			/>
+
+			<div className="permission-side-panel">
+				<div className="permission-side-panel__header">
+					<Button
+						variant="ghost"
+						size="icon"
+						className="permission-side-panel__close"
+						onClick={onClose}
+						aria-label="Close panel"
+					>
+						<X size={16} />
+					</Button>
+					<span className="permission-side-panel__header-divider" />
+					<span className="permission-side-panel__title">
+						Edit {permissionLabel} Permissions
+					</span>
+				</div>
+
+				<div className="permission-side-panel__content">
+					{isLoading ? (
+						<Skeleton active paragraph={{ rows: 6 }} />
+					) : (
+						<div className="permission-side-panel__resource-list">
+							{resources.map((resource) => (
+								<ResourceRow
+									key={resource.id}
+									resource={resource}
+									config={config[resource.id] ?? DEFAULT_RESOURCE_CONFIG}
+									isExpanded={expandedIds.has(resource.id)}
+									onToggleExpand={handleToggleExpand}
+									onScopeChange={handleScopeChange}
+									onSelectedIdsChange={handleSelectedIdsChange}
+								/>
+							))}
+						</div>
+					)}
+				</div>
+
+				<div className="permission-side-panel__footer">
+					{unsavedCount > 0 && (
+						<div className="permission-side-panel__unsaved">
+							<span className="permission-side-panel__unsaved-dot" />
+							<span className="permission-side-panel__unsaved-text">
+								{unsavedCount} unsaved change{unsavedCount !== 1 ? 's' : ''}
+							</span>
+						</div>
+					)}
+
+					<div className="permission-side-panel__footer-actions">
+						<Button
+							variant="solid"
+							color="secondary"
+							prefixIcon={<X size={14} />}
+							onClick={unsavedCount > 0 ? handleDiscard : onClose}
+							size="sm"
+							disabled={isSaving}
+						>
+							{unsavedCount > 0 ? 'Discard' : 'Cancel'}
+						</Button>
+						<Button
+							variant="solid"
+							color="primary"
+							size="sm"
+							onClick={handleSave}
+							loading={isSaving}
+							disabled={isLoading || unsavedCount === 0}
+						>
+							Save Changes
+						</Button>
+					</div>
+				</div>
+			</div>
+		</>
+	);
+}
+
+export default PermissionSidePanel;

frontend/src/container/RolesSettings/PermissionSidePanel/PermissionSidePanel.types.ts

@@ -0,0 +1,35 @@
+export interface ResourceOption {
+	value: string;
+	label: string;
+}
+
+export interface ResourceDefinition {
+	id: string;
+	label: string;
+	options?: ResourceOption[];
+}
+
+export enum PermissionScope {
+	ALL = 'all',
+	ONLY_SELECTED = 'only_selected',
+}
+
+export type ScopeType = PermissionScope;
+
+export interface ResourceConfig {
+	scope: ScopeType;
+	selectedIds: string[];
+}
+
+export type PermissionConfig = Record<string, ResourceConfig>;
+
+export interface PermissionSidePanelProps {
+	open: boolean;
+	onClose: () => void;
+	permissionLabel: string;
+	resources: ResourceDefinition[];
+	initialConfig?: PermissionConfig;
+	isLoading?: boolean;
+	isSaving?: boolean;
+	onSave: (config: PermissionConfig) => void;
+}

frontend/src/container/RolesSettings/PermissionSidePanel/index.tsx

@@ -0,0 +1,10 @@
+export { default } from './PermissionSidePanel';
+export type {
+	PermissionConfig,
+	PermissionSidePanelProps,
+	ResourceConfig,
+	ResourceDefinition,
+	ResourceOption,
+	ScopeType,
+} from './PermissionSidePanel.types';
+export { PermissionScope } from './PermissionSidePanel.types';

frontend/src/container/RolesSettings/RoleDetails/RoleDetailsPage.styles.scss

@@ -0,0 +1,417 @@
+.role-details-page {
+	display: flex;
+	flex-direction: column;
+	gap: 16px;
+	padding: 16px;
+	width: 100%;
+	max-width: 60vw;
+	margin: 0 auto;
+
+	.role-details-header {
+		display: flex;
+		flex-direction: column;
+		gap: 0;
+	}
+
+	.role-details-title {
+		color: var(--text-base-white);
+		font-family: Inter;
+		font-size: 18px;
+		font-weight: 500;
+		line-height: 28px;
+		letter-spacing: -0.09px;
+	}
+
+	.role-details-permission-item--readonly {
+		cursor: default !important;
+		pointer-events: none;
+		opacity: 0.55;
+	}
+
+	.role-details-nav {
+		display: flex;
+		align-items: center;
+		justify-content: space-between;
+	}
+
+	.role-details-tab {
+		gap: 4px;
+		padding: 0 16px;
+		height: 32px;
+		border-radius: 0;
+		font-size: 12px;
+		overflow: hidden;
+		font-weight: 400;
+		line-height: 18px;
+		letter-spacing: -0.06px;
+
+		&[data-state='on'] {
+			border-radius: 2px 0 0 2px;
+		}
+	}
+
+	.role-details-tab-count {
+		display: flex;
+		align-items: center;
+		justify-content: center;
+		min-width: 20px;
+		padding: 0 6px;
+		border-radius: 50px;
+		background: var(--secondary);
+		font-size: 12px;
+		font-weight: 400;
+		line-height: 20px;
+		color: var(--foreground);
+		letter-spacing: -0.06px;
+		text-transform: uppercase;
+	}
+
+	.role-details-actions {
+		display: flex;
+		align-items: center;
+		gap: 12px;
+	}
+
+	.role-details-overview {
+		display: flex;
+		flex-direction: column;
+		gap: 16px;
+	}
+
+	.role-details-meta {
+		display: flex;
+		flex-direction: column;
+		gap: 16px;
+	}
+
+	.role-details-section-label {
+		font-family: Inter;
+		font-size: 12px;
+		font-weight: 500;
+		line-height: 20px;
+		letter-spacing: 0.48px;
+		text-transform: uppercase;
+		color: var(--foreground);
+	}
+
+	.role-details-description-text {
+		font-family: Inter;
+		font-size: 13px;
+		font-weight: 500;
+		line-height: 20px;
+		letter-spacing: -0.07px;
+		color: var(--foreground);
+	}
+
+	.role-details-info-row {
+		display: flex;
+		gap: 16px;
+		align-items: flex-start;
+	}
+
+	.role-details-info-col {
+		flex: 1;
+		min-width: 0;
+		display: flex;
+		flex-direction: column;
+		gap: 4px;
+	}
+
+	.role-details-info-value {
+		display: flex;
+		align-items: center;
+		gap: 8px;
+	}
+
+	.role-details-info-name {
+		font-family: Inter;
+		font-size: 14px;
+		font-weight: 500;
+		line-height: 20px;
+		letter-spacing: -0.07px;
+		color: var(--foreground);
+	}
+
+	.role-details-permissions {
+		display: flex;
+		flex-direction: column;
+		gap: 16px;
+		padding-top: 8px;
+	}
+
+	.role-details-permissions-header {
+		display: flex;
+		align-items: center;
+		gap: 16px;
+		height: 20px;
+	}
+
+	.role-details-permissions-divider {
+		flex: 1;
+		border: none;
+		border-top: 2px dotted var(--border);
+		border-bottom: 2px dotted var(--border);
+		height: 7px;
+		margin: 0;
+	}
+
+	.role-details-permission-list {
+		display: flex;
+		flex-direction: column;
+		gap: 16px;
+	}
+
+	.role-details-permission-item {
+		display: flex;
+		align-items: center;
+		justify-content: space-between;
+		height: 44px;
+		padding: 0 12px;
+		background: rgba(171, 189, 255, 0.08);
+		border: 1px solid var(--secondary);
+		border-radius: 4px;
+		cursor: pointer;
+		transition: background 0.15s ease;
+
+		&:hover {
+			background: rgba(171, 189, 255, 0.12);
+		}
+	}
+
+	.role-details-permission-item-left {
+		display: flex;
+		align-items: center;
+		gap: 8px;
+	}
+
+	.role-details-permission-item-label {
+		font-family: Inter;
+		font-size: 14px;
+		font-weight: 400;
+		line-height: 20px;
+		letter-spacing: -0.07px;
+		color: var(--text-base-white);
+	}
+
+	.role-details-members {
+		display: flex;
+		flex-direction: column;
+		gap: 16px;
+	}
+
+	.role-details-members-search {
+		display: flex;
+		align-items: center;
+		gap: 6px;
+		height: 32px;
+		padding: 6px 6px 6px 8px;
+		background: var(--l2-background);
+		border: 1px solid var(--secondary);
+		border-radius: 2px;
+
+		.role-details-members-search-icon {
+			flex-shrink: 0;
+			color: var(--foreground);
+			opacity: 0.5;
+		}
+
+		.role-details-members-search-input {
+			flex: 1;
+			height: 100%;
+			background: transparent;
+			border: none;
+			outline: none;
+			font-family: Inter;
+			font-size: 14px;
+			font-weight: 400;
+			line-height: 18px;
+			letter-spacing: -0.07px;
+			color: var(--foreground);
+
+			&::placeholder {
+				color: var(--foreground);
+				opacity: 0.4;
+			}
+		}
+	}
+
+	.role-details-members-content {
+		display: flex;
+		flex-direction: column;
+		min-height: 420px;
+		border: 1px dashed var(--secondary);
+		border-radius: 3px;
+		margin-top: -1px;
+	}
+
+	.role-details-members-empty-state {
+		display: flex;
+		flex: 1;
+		flex-direction: column;
+		align-items: center;
+		justify-content: center;
+		gap: 4px;
+		padding: 48px 0;
+		flex-grow: 1;
+
+		.role-details-members-empty-emoji {
+			font-size: 32px;
+			line-height: 1;
+		}
+
+		.role-details-members-empty-text {
+			font-family: Inter;
+			font-size: 14px;
+			line-height: 18px;
+			letter-spacing: -0.07px;
+
+			&--bold {
+				font-weight: 500;
+				color: var(--text-base-white);
+			}
+
+			&--muted {
+				font-weight: 400;
+				color: var(--foreground);
+			}
+		}
+	}
+
+	.role-details-skeleton {
+		padding: 16px 0;
+	}
+}
+
+.role-details-delete-action-btn {
+	display: flex;
+	align-items: center;
+	justify-content: center;
+	width: 32px;
+	height: 32px;
+	min-width: 32px;
+	border: none;
+	border-radius: 2px;
+	background: transparent;
+	color: var(--destructive);
+	opacity: 0.6;
+	padding: 0;
+	transition: background-color 0.2s, opacity 0.2s;
+	box-shadow: none;
+
+	&:hover {
+		background: rgba(229, 72, 77, 0.1);
+		opacity: 0.9;
+	}
+}
+
+.role-details-delete-modal {
+	width: calc(100% - 30px) !important;
+	max-width: 384px;
+
+	.ant-modal-content {
+		padding: 0;
+		border-radius: 4px;
+		border: 1px solid var(--secondary);
+		background: var(--l2-background);
+		box-shadow: 0px -4px 16px 2px rgba(0, 0, 0, 0.2);
+
+		.ant-modal-header {
+			padding: 16px;
+			background: var(--l2-background);
+			margin-bottom: 0;
+		}
+
+		.ant-modal-body {
+			padding: 0 16px 28px 16px;
+		}
+
+		.ant-modal-footer {
+			display: flex;
+			justify-content: flex-end;
+			padding: 16px;
+			margin: 0;
+
+			.cancel-btn {
+				display: flex;
+				align-items: center;
+				border: none;
+				border-radius: 2px;
+			}
+
+			.delete-btn {
+				display: flex;
+				align-items: center;
+				border: none;
+				border-radius: 2px;
+				margin-left: 12px;
+			}
+		}
+	}
+
+	.title {
+		color: var(--text-base-white);
+		font-family: Inter;
+		font-size: 13px;
+		font-weight: 400;
+		line-height: 1;
+		letter-spacing: -0.065px;
+	}
+
+	.delete-text {
+		color: var(--foreground);
+		font-family: Inter;
+		font-size: 14px;
+		font-weight: 400;
+		line-height: 20px;
+		letter-spacing: -0.07px;
+
+		strong {
+			font-weight: 600;
+			color: var(--text-base-white);
+		}
+	}
+}
+
+.lightMode {
+	.role-details-delete-modal {
+		.ant-modal-content {
+			.ant-modal-header {
+				.title {
+					color: var(--text-base-black);
+				}
+			}
+
+			.ant-modal-body {
+				.delete-text {
+					strong {
+						color: var(--text-base-black);
+					}
+				}
+			}
+		}
+	}
+
+	.role-details-page {
+		.role-details-title {
+			color: var(--text-base-black);
+		}
+
+		.role-details-members-empty-state {
+			.role-details-members-empty-text--bold {
+				color: var(--text-base-black);
+			}
+		}
+
+		.role-details-permission-item {
+			background: rgba(0, 0, 0, 0.04);
+
+			&:hover {
+				background: rgba(0, 0, 0, 0.07);
+			}
+		}
+
+		.role-details-permission-item-label {
+			color: var(--text-base-black);
+		}
+	}
+}

frontend/src/container/RolesSettings/RoleDetails/RoleDetailsPage.tsx

@@ -0,0 +1,276 @@
+import { useEffect, useMemo, useState } from 'react';
+import { useQueryClient } from 'react-query';
+import { useHistory, useLocation } from 'react-router-dom';
+import { Button } from '@signozhq/button';
+import { Table2, Trash2, Users } from '@signozhq/icons';
+import { toast } from '@signozhq/sonner';
+import { ToggleGroup, ToggleGroupItem } from '@signozhq/toggle-group';
+import { Skeleton } from 'antd';
+import { useAuthzResources } from 'api/generated/services/authz';
+import {
+	getGetObjectsQueryKey,
+	useDeleteRole,
+	useGetObjects,
+	useGetRole,
+	usePatchObjects,
+} from 'api/generated/services/role';
+import ErrorInPlace from 'components/ErrorInPlace/ErrorInPlace';
+import ROUTES from 'constants/routes';
+import { capitalize } from 'lodash-es';
+import { useErrorModal } from 'providers/ErrorModalProvider';
+import { RoleType } from 'types/roles';
+import { handleApiError, toAPIError } from 'utils/errorUtils';
+
+import { IS_ROLE_DETAILS_AND_CRUD_ENABLED } from '../config';
+import type { PermissionConfig } from '../PermissionSidePanel';
+import PermissionSidePanel from '../PermissionSidePanel';
+import CreateRoleModal from '../RolesComponents/CreateRoleModal';
+import DeleteRoleModal from '../RolesComponents/DeleteRoleModal';
+import {
+	buildPatchPayload,
+	derivePermissionTypes,
+	deriveResourcesForRelation,
+	objectsToPermissionConfig,
+} from '../utils';
+import MembersTab from './components/MembersTab';
+import OverviewTab from './components/OverviewTab';
+import { ROLE_ID_REGEX } from './constants';
+
+import './RoleDetailsPage.styles.scss';
+
+type TabKey = 'overview' | 'members';
+
+// eslint-disable-next-line sonarjs/cognitive-complexity
+function RoleDetailsPage(): JSX.Element {
+	const { pathname } = useLocation();
+	const history = useHistory();
+
+	useEffect(() => {
+		if (!IS_ROLE_DETAILS_AND_CRUD_ENABLED) {
+			history.push(ROUTES.ROLES_SETTINGS);
+		}
+	}, [history]);
+
+	const queryClient = useQueryClient();
+	const { showErrorModal } = useErrorModal();
+
+	const { data: authzResourcesResponse } = useAuthzResources({
+		query: { enabled: true },
+	});
+	const authzResources = authzResourcesResponse?.data ?? null;
+
+	// Extract channelId from URL pathname since useParams doesn't work in nested routing
+	const roleIdMatch = pathname.match(ROLE_ID_REGEX);
+	const roleId = roleIdMatch ? roleIdMatch[1] : '';
+
+	const [activeTab, setActiveTab] = useState<TabKey>('overview');
+	const [isEditModalOpen, setIsEditModalOpen] = useState(false);
+	const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false);
+	const [activePermission, setActivePermission] = useState<string | null>(null);
+
+	const { data, isLoading, isFetching, isError, error } = useGetRole(
+		{ id: roleId },
+		{ query: { enabled: !!roleId } },
+	);
+	const role = data?.data;
+	const isTransitioning = isFetching && role?.id !== roleId;
+	const isManaged = role?.type === RoleType.MANAGED;
+
+	const permissionTypes = useMemo(
+		() => derivePermissionTypes(authzResources?.relations ?? null),
+		[authzResources],
+	);
+
+	const resourcesForActivePermission = useMemo(
+		() =>
+			activePermission
+				? deriveResourcesForRelation(authzResources ?? null, activePermission)
+				: [],
+		[authzResources, activePermission],
+	);
+
+	const { data: objectsData, isLoading: isLoadingObjects } = useGetObjects(
+		{ id: roleId, relation: activePermission ?? '' },
+		{ query: { enabled: !!activePermission && !!roleId && !isManaged } },
+	);
+
+	const initialConfig = useMemo(() => {
+		if (!objectsData?.data || !activePermission) {
+			return undefined;
+		}
+		return objectsToPermissionConfig(
+			objectsData.data,
+			resourcesForActivePermission,
+		);
+	}, [objectsData, activePermission, resourcesForActivePermission]);
+
+	const handleSaveSuccess = (): void => {
+		toast.success('Permissions saved successfully');
+		if (activePermission) {
+			queryClient.removeQueries(
+				getGetObjectsQueryKey({ id: roleId, relation: activePermission }),
+			);
+		}
+		setActivePermission(null);
+	};
+
+	const { mutate: patchObjects, isLoading: isSaving } = usePatchObjects({
+		mutation: {
+			onSuccess: handleSaveSuccess,
+			onError: (err) => handleApiError(err, showErrorModal),
+		},
+	});
+
+	const { mutate: deleteRole, isLoading: isDeleting } = useDeleteRole({
+		mutation: {
+			onSuccess: (): void => {
+				toast.success('Role deleted successfully');
+				history.push(ROUTES.ROLES_SETTINGS);
+			},
+			onError: (err) => handleApiError(err, showErrorModal),
+		},
+	});
+
+	if (
+		!IS_ROLE_DETAILS_AND_CRUD_ENABLED ||
+		isLoading ||
+		isTransitioning ||
+		!role
+	) {
+		return (
+			<div className="role-details-page">
+				<Skeleton
+					active
+					paragraph={{ rows: 8 }}
+					className="role-details-skeleton"
+				/>
+			</div>
+		);
+	}
+
+	if (isError) {
+		return (
+			<div className="role-details-page">
+				<ErrorInPlace
+					error={toAPIError(
+						error,
+						'An unexpected error occurred while fetching role details.',
+					)}
+				/>
+			</div>
+		);
+	}
+
+	const handleSave = (config: PermissionConfig): void => {
+		if (!activePermission || !authzResources) {
+			return;
+		}
+		patchObjects({
+			pathParams: { id: roleId, relation: activePermission },
+			data: buildPatchPayload({
+				newConfig: config,
+				initialConfig: initialConfig ?? {},
+				resources: resourcesForActivePermission,
+				authzRes: authzResources,
+			}),
+		});
+	};
+
+	return (
+		<div className="role-details-page">
+			<div className="role-details-header">
+				<h2 className="role-details-title">Role — {role.name}</h2>
+			</div>
+
+			<div className="role-details-nav">
+				<ToggleGroup
+					type="single"
+					value={activeTab}
+					onValueChange={(val): void => {
+						if (val) {
+							setActiveTab(val as TabKey);
+						}
+					}}
+					className="role-details-tabs"
+				>
+					<ToggleGroupItem value="overview" className="role-details-tab">
+						<Table2 size={14} />
+						Overview
+					</ToggleGroupItem>
+					<ToggleGroupItem value="members" className="role-details-tab">
+						<Users size={14} />
+						Members
+						<span className="role-details-tab-count">0</span>
+					</ToggleGroupItem>
+				</ToggleGroup>
+
+				{!isManaged && (
+					<div className="role-details-actions">
+						<Button
+							variant="ghost"
+							color="destructive"
+							className="role-details-delete-action-btn"
+							onClick={(): void => setIsDeleteModalOpen(true)}
+							aria-label="Delete role"
+						>
+							<Trash2 size={14} />
+						</Button>
+						<Button
+							variant="solid"
+							color="secondary"
+							size="sm"
+							onClick={(): void => setIsEditModalOpen(true)}
+						>
+							Edit Role Details
+						</Button>
+					</div>
+				)}
+			</div>
+
+			{activeTab === 'overview' && (
+				<OverviewTab
+					role={role || null}
+					isManaged={isManaged}
+					permissionTypes={permissionTypes}
+					onPermissionClick={(key): void => setActivePermission(key)}
+				/>
+			)}
+			{activeTab === 'members' && <MembersTab />}
+
+			{!isManaged && (
+				<>
+					<PermissionSidePanel
+						open={activePermission !== null}
+						onClose={(): void => setActivePermission(null)}
+						permissionLabel={activePermission ? capitalize(activePermission) : ''}
+						resources={resourcesForActivePermission}
+						initialConfig={initialConfig}
+						isLoading={isLoadingObjects}
+						isSaving={isSaving}
+						onSave={handleSave}
+					/>
+
+					<CreateRoleModal
+						isOpen={isEditModalOpen}
+						onClose={(): void => setIsEditModalOpen(false)}
+						initialData={{
+							id: roleId,
+							name: role.name || '',
+							description: role.description || '',
+						}}
+					/>
+				</>
+			)}
+
+			<DeleteRoleModal
+				isOpen={isDeleteModalOpen}
+				roleName={role.name || ''}
+				isDeleting={isDeleting}
+				onCancel={(): void => setIsDeleteModalOpen(false)}
+				onConfirm={(): void => deleteRole({ pathParams: { id: roleId } })}
+			/>
+		</div>
+	);
+}
+
+export default RoleDetailsPage;

frontend/src/container/RolesSettings/RoleDetails/__tests__/RoleDetailsPage.test.tsx

@@ -0,0 +1,438 @@
+// Ungate feature flag for all tests in this file
+jest.mock('../../config', () => ({ IS_ROLE_DETAILS_AND_CRUD_ENABLED: true }));
+
+import {
+	customRoleResponse,
+	managedRoleResponse,
+} from 'mocks-server/__mockdata__/roles';
+import { server } from 'mocks-server/server';
+import { rest } from 'msw';
+import { render, screen, userEvent, waitFor, within } from 'tests/test-utils';
+
+import RoleDetailsPage from '../RoleDetailsPage';
+
+const CUSTOM_ROLE_ID = '019c24aa-3333-0001-aaaa-111111111111';
+const MANAGED_ROLE_ID = '019c24aa-2248-756f-9833-984f1ab63819';
+
+const rolesApiBase = 'http://localhost/api/v1/roles';
+const authzResourcesUrl = 'http://localhost/api/v1/authz/resources';
+
+const authzResourcesResponse = {
+	status: 'success',
+	data: {
+		relations: { create: ['dashboard'], read: ['dashboard'] },
+		resources: [{ name: 'dashboard', type: 'dashboard' }],
+	},
+};
+
+const emptyObjectsResponse = { status: 'success', data: [] };
+
+const allScopeObjectsResponse = {
+	status: 'success',
+	data: [
+		{
+			resource: { name: 'dashboard', type: 'dashboard' },
+			selectors: ['*'],
+		},
+	],
+};
+
+function setupDefaultHandlers(roleId = CUSTOM_ROLE_ID): void {
+	const roleResponse =
+		roleId === MANAGED_ROLE_ID ? managedRoleResponse : customRoleResponse;
+
+	server.use(
+		rest.get(`${rolesApiBase}/:id`, (_req, res, ctx) =>
+			res(ctx.status(200), ctx.json(roleResponse)),
+		),
+		rest.get(authzResourcesUrl, (_req, res, ctx) =>
+			res(ctx.status(200), ctx.json(authzResourcesResponse)),
+		),
+	);
+}
+
+afterEach(() => {
+	jest.clearAllMocks();
+	server.resetHandlers();
+});
+
+describe('RoleDetailsPage', () => {
+	it('renders custom role header, tabs, description, permissions, and action buttons', async () => {
+		setupDefaultHandlers();
+
+		render(<RoleDetailsPage />, undefined, {
+			initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
+		});
+
+		expect(await screen.findByText('Role — billing-manager')).toBeInTheDocument();
+
+		// Tab navigation
+		expect(screen.getByText('Overview')).toBeInTheDocument();
+		expect(screen.getByText('Members')).toBeInTheDocument();
+
+		// Role description (OverviewTab)
+		expect(
+			screen.getByText('Custom role for managing billing and invoices.'),
+		).toBeInTheDocument();
+
+		// Permission items derived from mocked authz relations
+		expect(screen.getByText('Create')).toBeInTheDocument();
+		expect(screen.getByText('Read')).toBeInTheDocument();
+
+		// Action buttons present for custom role
+		expect(
+			screen.getByRole('button', { name: /edit role details/i }),
+		).toBeInTheDocument();
+		expect(
+			screen.getByRole('button', { name: /delete role/i }),
+		).toBeInTheDocument();
+	});
+
+	it('shows managed-role warning callout and hides edit/delete buttons', async () => {
+		setupDefaultHandlers(MANAGED_ROLE_ID);
+
+		render(<RoleDetailsPage />, undefined, {
+			initialRoute: `/settings/roles/${MANAGED_ROLE_ID}`,
+		});
+
+		expect(await screen.findByText(/Role — signoz-admin/)).toBeInTheDocument();
+
+		expect(
+			screen.getByText(
+				'This is a managed role. Permissions and settings are view-only and cannot be modified.',
+			),
+		).toBeInTheDocument();
+
+		// Action buttons absent for managed role
+		expect(screen.queryByText('Edit Role Details')).not.toBeInTheDocument();
+		expect(
+			screen.queryByRole('button', { name: /delete role/i }),
+		).not.toBeInTheDocument();
+	});
+
+	it('edit flow: modal opens pre-filled and calls PATCH on save and verify', async () => {
+		const patchSpy = jest.fn();
+		let description = customRoleResponse.data.description;
+		server.use(
+			rest.get(`${rolesApiBase}/:id`, (_req, res, ctx) =>
+				res(
+					ctx.status(200),
+					ctx.json({
+						...customRoleResponse,
+						data: { ...customRoleResponse.data, description },
+					}),
+				),
+			),
+			rest.patch(`${rolesApiBase}/:id`, async (req, res, ctx) => {
+				const body = await req.json();
+				patchSpy(body);
+				description = body.description;
+				return res(
+					ctx.status(200),
+					ctx.json({
+						...customRoleResponse,
+						data: { ...customRoleResponse.data, description },
+					}),
+				);
+			}),
+		);
+
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
+		render(<RoleDetailsPage />, undefined, {
+			initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
+		});
+
+		await screen.findByText('Role — billing-manager');
+
+		// Open the edit modal
+		await user.click(screen.getByRole('button', { name: /edit role details/i }));
+		expect(
+			await screen.findByText('Edit Role Details', {
+				selector: '.ant-modal-title',
+			}),
+		).toBeInTheDocument();
+
+		// Name field is disabled in edit mode (role rename is not allowed)
+		const nameInput = screen.getByPlaceholderText(
+			'Enter role name e.g. : Service Owner',
+		);
+		expect(nameInput).toBeDisabled();
+
+		// Update description and save
+		const descField = screen.getByPlaceholderText(
+			'A helpful description of the role',
+		);
+		await user.clear(descField);
+		await user.type(descField, 'Updated description');
+		await user.click(screen.getByRole('button', { name: /save changes/i }));
+
+		await waitFor(() =>
+			expect(patchSpy).toHaveBeenCalledWith({
+				description: 'Updated description',
+			}),
+		);
+
+		await waitFor(() =>
+			expect(
+				screen.queryByText('Edit Role Details', {
+					selector: '.ant-modal-title',
+				}),
+			).not.toBeInTheDocument(),
+		);
+
+		expect(await screen.findByText('Updated description')).toBeInTheDocument();
+	});
+
+	it('delete flow: modal shows role name, DELETE called on confirm', async () => {
+		const deleteSpy = jest.fn();
+
+		setupDefaultHandlers();
+		server.use(
+			rest.delete(`${rolesApiBase}/:id`, (_req, res, ctx) => {
+				deleteSpy();
+				return res(ctx.status(200), ctx.json({ status: 'success' }));
+			}),
+		);
+
+		const user = userEvent.setup({ pointerEventsCheck: 0 });
+
+		render(<RoleDetailsPage />, undefined, {
+			initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
+		});
+
+		await screen.findByText('Role — billing-manager');
+
+		await user.click(screen.getByRole('button', { name: /delete role/i }));
+
+		expect(
+			await screen.findByText(/Are you sure you want to delete the role/),
+		).toBeInTheDocument();
+
+		const dialog = await screen.findByRole('dialog');
+		await user.click(
+			within(dialog).getByRole('button', { name: /delete role/i }),
+		);
+
+		await waitFor(() => expect(deleteSpy).toHaveBeenCalled());
+
+		await waitFor(() =>
+			expect(
+				screen.queryByText(/Are you sure you want to delete the role/),
+			).not.toBeInTheDocument(),
+		);
+	});
+
+	describe('permission side panel', () => {
+		async function openCreatePanel(
+			user: ReturnType<typeof userEvent.setup>,
+		): Promise<void> {
+			await screen.findByText('Role — billing-manager');
+			await user.click(screen.getByText('Create'));
+			await screen.findByText('Edit Create Permissions');
+			await screen.findByRole('button', { name: /dashboard/i });
+		}
+
+		it('Save Changes is disabled until a resource scope is changed', async () => {
+			setupDefaultHandlers();
+			server.use(
+				rest.get(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
+				),
+			);
+
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
+			render(<RoleDetailsPage />, undefined, {
+				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
+			});
+
+			await openCreatePanel(user);
+
+			// No change yet — config matches initial, unsavedCount = 0
+			expect(screen.getByRole('button', { name: /save changes/i })).toBeDisabled();
+
+			// Expand Dashboard and flip to All — now Save is enabled
+			await user.click(screen.getByRole('button', { name: /dashboard/i }));
+			await user.click(screen.getByText('All'));
+
+			expect(
+				screen.getByRole('button', { name: /save changes/i }),
+			).not.toBeDisabled();
+
+			// check for what shown now - unsavedCount = 1
+			expect(screen.getByText('1 unsaved change')).toBeInTheDocument();
+		});
+
+		it('set scope to All → patchObjects additions: ["*"], deletions: null', async () => {
+			const patchSpy = jest.fn();
+
+			setupDefaultHandlers();
+			server.use(
+				rest.get(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
+				),
+				rest.patch(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					async (req, res, ctx) => {
+						patchSpy(await req.json());
+						return res(ctx.status(200), ctx.json({ status: 'success', data: null }));
+					},
+				),
+			);
+
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
+			render(<RoleDetailsPage />, undefined, {
+				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
+			});
+
+			await openCreatePanel(user);
+
+			await user.click(screen.getByRole('button', { name: /dashboard/i }));
+			await user.click(screen.getByText('All'));
+			await user.click(screen.getByRole('button', { name: /save changes/i }));
+
+			await waitFor(() =>
+				expect(patchSpy).toHaveBeenCalledWith({
+					additions: [
+						{
+							resource: { name: 'dashboard', type: 'dashboard' },
+							selectors: ['*'],
+						},
+					],
+					deletions: null,
+				}),
+			);
+		});
+
+		it('set scope to Only selected with IDs → patchObjects additions contain those IDs', async () => {
+			const patchSpy = jest.fn();
+
+			setupDefaultHandlers();
+			server.use(
+				rest.get(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
+				),
+				rest.patch(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					async (req, res, ctx) => {
+						patchSpy(await req.json());
+						return res(ctx.status(200), ctx.json({ status: 'success', data: null }));
+					},
+				),
+			);
+
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
+			render(<RoleDetailsPage />, undefined, {
+				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
+			});
+
+			await openCreatePanel(user);
+
+			await user.click(screen.getByRole('button', { name: /dashboard/i }));
+
+			const combobox = screen.getByRole('combobox');
+			await user.click(combobox);
+			await user.type(combobox, 'dash-1');
+			await user.keyboard('{Enter}');
+
+			await user.click(screen.getByRole('button', { name: /save changes/i }));
+
+			await waitFor(() =>
+				expect(patchSpy).toHaveBeenCalledWith({
+					additions: [
+						{
+							resource: { name: 'dashboard', type: 'dashboard' },
+							selectors: ['dash-1'],
+						},
+					],
+					deletions: null,
+				}),
+			);
+		});
+
+		it('existing All scope changed to Only selected (empty) → patchObjects deletions: ["*"], additions: null', async () => {
+			const patchSpy = jest.fn();
+
+			setupDefaultHandlers();
+			server.use(
+				rest.get(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					(_req, res, ctx) =>
+						res(ctx.status(200), ctx.json(allScopeObjectsResponse)),
+				),
+				rest.patch(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					async (req, res, ctx) => {
+						patchSpy(await req.json());
+						return res(ctx.status(200), ctx.json({ status: 'success', data: null }));
+					},
+				),
+			);
+
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
+			render(<RoleDetailsPage />, undefined, {
+				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
+			});
+
+			await openCreatePanel(user);
+
+			await user.click(screen.getByRole('button', { name: /dashboard/i }));
+
+			await user.click(screen.getByText('Only selected'));
+			await user.click(screen.getByRole('button', { name: /save changes/i }));
+
+			// Should delete the '*' selector and add nothing
+			await waitFor(() =>
+				expect(patchSpy).toHaveBeenCalledWith({
+					additions: null,
+					deletions: [
+						{
+							resource: { name: 'dashboard', type: 'dashboard' },
+							selectors: ['*'],
+						},
+					],
+				}),
+			);
+		});
+
+		it('unsaved changes counter shown on scope change, Discard resets it', async () => {
+			setupDefaultHandlers();
+			server.use(
+				rest.get(
+					`${rolesApiBase}/:id/relation/:relation/objects`,
+					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
+				),
+			);
+
+			const user = userEvent.setup({ pointerEventsCheck: 0 });
+
+			render(<RoleDetailsPage />, undefined, {
+				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
+			});
+
+			await openCreatePanel(user);
+
+			// No unsaved changes indicator yet
+			expect(screen.queryByText(/unsaved change/)).not.toBeInTheDocument();
+
+			// Change dashboard scope to "All"
+			await user.click(screen.getByRole('button', { name: /dashboard/i }));
+			await user.click(screen.getByText('All'));
+
+			expect(screen.getByText('1 unsaved change')).toBeInTheDocument();
+
+			// Discard reverts to initial config — counter disappears, Save re-disabled
+			await user.click(screen.getByRole('button', { name: /discard/i }));
+
+			expect(screen.queryByText(/unsaved change/)).not.toBeInTheDocument();
+			expect(screen.getByRole('button', { name: /save changes/i })).toBeDisabled();
+		});
+	});
+});

frontend/src/container/RolesSettings/RoleDetails/components/MembersTab.tsx

@@ -0,0 +1,44 @@
+import { useState } from 'react';
+import { Search } from '@signozhq/icons';
+
+function MembersTab(): JSX.Element {
+	const [searchQuery, setSearchQuery] = useState('');
+
+	return (
+		<div className="role-details-members">
+			<div className="role-details-members-search">
+				<Search size={12} className="role-details-members-search-icon" />
+				<input
+					type="text"
+					className="role-details-members-search-input"
+					placeholder="Search and add members..."
+					value={searchQuery}
+					onChange={(e): void => setSearchQuery(e.target.value)}
+				/>
+			</div>
+
+			{/* Todo: Right now we are only adding the empty state in this cut */}
+			<div className="role-details-members-content">
+				<div className="role-details-members-empty-state">
+					<span
+						className="role-details-members-empty-emoji"
+						role="img"
+						aria-label="monocle face"
+					>
+						🧐
+					</span>
+					<p className="role-details-members-empty-text">
+						<span className="role-details-members-empty-text--bold">
+							No members added.
+						</span>{' '}
+						<span className="role-details-members-empty-text--muted">
+							Start adding members to this role.
+						</span>
+					</p>
+				</div>
+			</div>
+		</div>
+	);
+}
+
+export default MembersTab;

frontend/src/container/RolesSettings/RoleDetails/components/OverviewTab.tsx

@@ -0,0 +1,76 @@
+import { Callout } from '@signozhq/callout';
+
+import { PermissionType, TimestampBadge } from '../../utils';
+import PermissionItem from './PermissionItem';
+
+interface OverviewTabProps {
+	role: {
+		description?: string;
+		createdAt?: Date | string;
+		updatedAt?: Date | string;
+	} | null;
+	isManaged: boolean;
+	permissionTypes: PermissionType[];
+	onPermissionClick: (relationKey: string) => void;
+}
+
+function OverviewTab({
+	role,
+	isManaged,
+	permissionTypes,
+	onPermissionClick,
+}: OverviewTabProps): JSX.Element {
+	return (
+		<div className="role-details-overview">
+			{isManaged && (
+				<Callout
+					type="warning"
+					showIcon
+					message="This is a managed role. Permissions and settings are view-only and cannot be modified."
+				/>
+			)}
+
+			<div className="role-details-meta">
+				<div>
+					<p className="role-details-section-label">Description</p>
+					<p className="role-details-description-text">{role?.description || '—'}</p>
+				</div>
+
+				<div className="role-details-info-row">
+					<div className="role-details-info-col">
+						<p className="role-details-section-label">Created At</p>
+						<div className="role-details-info-value">
+							<TimestampBadge date={role?.createdAt} />
+						</div>
+					</div>
+					<div className="role-details-info-col">
+						<p className="role-details-section-label">Last Modified At</p>
+						<div className="role-details-info-value">
+							<TimestampBadge date={role?.updatedAt} />
+						</div>
+					</div>
+				</div>
+			</div>
+
+			<div className="role-details-permissions">
+				<div className="role-details-permissions-header">
+					<span className="role-details-section-label">Permissions</span>
+					<hr className="role-details-permissions-divider" />
+				</div>
+
+				<div className="role-details-permission-list">
+					{permissionTypes.map((permissionType) => (
+						<PermissionItem
+							key={permissionType.key}
+							permissionType={permissionType}
+							isManaged={isManaged}
+							onPermissionClick={onPermissionClick}
+						/>
+					))}
+				</div>
+			</div>
+		</div>
+	);
+}
+
+export default OverviewTab;

frontend/src/container/RolesSettings/RoleDetails/components/PermissionItem.tsx

@@ -0,0 +1,54 @@
+import { ChevronRight } from '@signozhq/icons';
+
+import { PermissionType } from '../../utils';
+
+interface PermissionItemProps {
+	permissionType: PermissionType;
+	isManaged: boolean;
+	onPermissionClick: (key: string) => void;
+}
+
+function PermissionItem({
+	permissionType,
+	isManaged,
+	onPermissionClick,
+}: PermissionItemProps): JSX.Element {
+	const { key, label, icon } = permissionType;
+
+	if (isManaged) {
+		return (
+			<div
+				key={key}
+				className="role-details-permission-item role-details-permission-item--readonly"
+			>
+				<div className="role-details-permission-item-left">
+					{icon}
+					<span className="role-details-permission-item-label">{label}</span>
+				</div>
+			</div>
+		);
+	}
+
+	return (
+		<div
+			key={key}
+			className="role-details-permission-item"
+			role="button"
+			tabIndex={0}
+			onClick={(): void => onPermissionClick(key)}
+			onKeyDown={(e): void => {
+				if (e.key === 'Enter' || e.key === ' ') {
+					onPermissionClick(key);
+				}
+			}}
+		>
+			<div className="role-details-permission-item-left">
+				{icon}
+				<span className="role-details-permission-item-label">{label}</span>
+			</div>
+			<ChevronRight size={14} color="var(--foreground)" />
+		</div>
+	);
+}
+
+export default PermissionItem;

frontend/src/container/RolesSettings/RoleDetails/constants.ts

@@ -0,0 +1,22 @@
+import {
+	BadgePlus,
+	Eye,
+	LayoutList,
+	PencilRuler,
+	Settings,
+	Trash2,
+} from '@signozhq/icons';
+
+export const ROLE_ID_REGEX = /\/settings\/roles\/([^/]+)/;
+
+export type IconComponent = React.ComponentType<any>;
+
+export const PERMISSION_ICON_MAP: Record<string, IconComponent> = {
+	create: BadgePlus,
+	list: LayoutList,
+	read: Eye,
+	update: PencilRuler,
+	delete: Trash2,
+};
+
+export const FALLBACK_PERMISSION_ICON: IconComponent = Settings;

frontend/src/container/RolesSettings/RoleDetails/index.tsx

@@ -0,0 +1 @@
+export { default } from './RoleDetailsPage';

frontend/src/container/RolesSettings/RolesComponents/CreateRoleModal.tsx

@@ -0,0 +1,191 @@
+import { useCallback, useEffect, useRef } from 'react';
+import { useQueryClient } from 'react-query';
+import { generatePath, useHistory } from 'react-router-dom';
+import { Button } from '@signozhq/button';
+import { X } from '@signozhq/icons';
+import { Input, inputVariants } from '@signozhq/input';
+import { toast } from '@signozhq/sonner';
+import { Form, Modal } from 'antd';
+import { ErrorResponseHandlerV2 } from 'api/ErrorResponseHandlerV2';
+import {
+	invalidateGetRole,
+	invalidateListRoles,
+	useCreateRole,
+	usePatchRole,
+} from 'api/generated/services/role';
+import type { RoletypesPostableRoleDTO } from 'api/generated/services/sigNoz.schemas';
+import { AxiosError } from 'axios';
+import ROUTES from 'constants/routes';
+import { useErrorModal } from 'providers/ErrorModalProvider';
+import { ErrorV2Resp } from 'types/api';
+import APIError from 'types/api/error';
+
+import '../RolesSettings.styles.scss';
+
+export interface CreateRoleModalInitialData {
+	id: string;
+	name: string;
+	description?: string;
+}
+
+interface CreateRoleModalProps {
+	isOpen: boolean;
+	onClose: () => void;
+	initialData?: CreateRoleModalInitialData;
+}
+
+interface CreateRoleFormValues {
+	name: string;
+	description?: string;
+}
+
+function CreateRoleModal({
+	isOpen,
+	onClose,
+	initialData,
+}: CreateRoleModalProps): JSX.Element {
+	const [form] = Form.useForm<CreateRoleFormValues>();
+	const queryClient = useQueryClient();
+	const history = useHistory();
+	const { showErrorModal } = useErrorModal();
+
+	const isEditMode = !!initialData?.id;
+	const prevIsOpen = useRef(isOpen);
+
+	useEffect(() => {
+		if (isOpen && !prevIsOpen.current) {
+			if (isEditMode && initialData) {
+				form.setFieldsValue({
+					name: initialData.name,
+					description: initialData.description || '',
+				});
+			} else {
+				form.resetFields();
+			}
+		}
+		prevIsOpen.current = isOpen;
+	}, [isOpen, isEditMode, initialData, form]);
+
+	const handleSuccess = async (
+		message: string,
+		redirectPath?: string,
+	): Promise<void> => {
+		await invalidateListRoles(queryClient);
+		if (isEditMode && initialData?.id) {
+			await invalidateGetRole(queryClient, { id: initialData.id });
+		}
+		toast.success(message);
+		form.resetFields();
+		onClose();
+		if (redirectPath) {
+			history.push(redirectPath);
+		}
+	};
+
+	const handleError = (error: unknown): void => {
+		try {
+			ErrorResponseHandlerV2(error as AxiosError<ErrorV2Resp>);
+		} catch (apiError) {
+			showErrorModal(apiError as APIError);
+		}
+	};
+
+	const { mutate: createRole, isLoading: isCreating } = useCreateRole({
+		mutation: {
+			onSuccess: (res) =>
+				handleSuccess(
+					'Role created successfully',
+					generatePath(ROUTES.ROLE_DETAILS, { roleId: res.data.id }),
+				),
+			onError: handleError,
+		},
+	});
+
+	const { mutate: patchRole, isLoading: isPatching } = usePatchRole({
+		mutation: {
+			onSuccess: () => handleSuccess('Role updated successfully'),
+			onError: handleError,
+		},
+	});
+
+	const onSubmit = useCallback(async (): Promise<void> => {
+		try {
+			const values = await form.validateFields();
+			if (isEditMode && initialData?.id) {
+				patchRole({
+					pathParams: { id: initialData.id },
+					data: { description: values.description || '' },
+				});
+			} else {
+				const data: RoletypesPostableRoleDTO = {
+					name: values.name,
+					...(values.description ? { description: values.description } : {}),
+				};
+				createRole({ data });
+			}
+		} catch {
+			// form validation failed; antd handles inline error display
+		}
+	}, [form, createRole, patchRole, isEditMode, initialData]);
+
+	const onCancel = useCallback((): void => {
+		form.resetFields();
+		onClose();
+	}, [form, onClose]);
+
+	const isLoading = isCreating || isPatching;
+
+	return (
+		<Modal
+			open={isOpen}
+			onCancel={onCancel}
+			title={isEditMode ? 'Edit Role Details' : 'Create a New Role'}
+			footer={[
+				<Button
+					key="cancel"
+					variant="solid"
+					color="secondary"
+					onClick={onCancel}
+					size="sm"
+				>
+					<X size={14} />
+					Cancel
+				</Button>,
+				<Button
+					key="submit"
+					variant="solid"
+					color="primary"
+					onClick={onSubmit}
+					loading={isLoading}
+					size="sm"
+				>
+					{isEditMode ? 'Save Changes' : 'Create Role'}
+				</Button>,
+			]}
+			destroyOnClose
+			className="create-role-modal"
+			width={530}
+		>
+			<Form form={form} layout="vertical" className="create-role-form">
+				<Form.Item
+					name="name"
+					label="Name"
+					rules={[{ required: true, message: 'Role name is required' }]}
+				>
+					<Input
+						disabled={isEditMode}
+						placeholder="Enter role name e.g. : Service Owner"
+					/>
+				</Form.Item>
+				<Form.Item name="description" label="Description">
+					<textarea
+						className={inputVariants()}
+						placeholder="A helpful description of the role"
+					/>
+				</Form.Item>
+			</Form>
+		</Modal>
+	);
+}
+
+export default CreateRoleModal;

frontend/src/container/RolesSettings/RolesComponents/DeleteRoleModal.tsx

@@ -0,0 +1,62 @@
+import { Button } from '@signozhq/button';
+import { Trash2, X } from '@signozhq/icons';
+import { Modal } from 'antd';
+
+interface DeleteRoleModalProps {
+	isOpen: boolean;
+	roleName: string;
+	isDeleting: boolean;
+	onCancel: () => void;
+	onConfirm: () => void;
+}
+
+function DeleteRoleModal({
+	isOpen,
+	roleName,
+	isDeleting,
+	onCancel,
+	onConfirm,
+}: DeleteRoleModalProps): JSX.Element {
+	return (
+		<Modal
+			open={isOpen}
+			onCancel={onCancel}
+			title={<span className="title">Delete Role</span>}
+			closable
+			footer={[
+				<Button
+					key="cancel"
+					className="cancel-btn"
+					prefixIcon={<X size={16} />}
+					onClick={onCancel}
+					size="sm"
+					variant="solid"
+					color="secondary"
+				>
+					Cancel
+				</Button>,
+				<Button
+					key="delete"
+					className="delete-btn"
+					prefixIcon={<Trash2 size={16} />}
+					onClick={onConfirm}
+					loading={isDeleting}
+					size="sm"
+					variant="solid"
+					color="destructive"
+				>
+					Delete Role
+				</Button>,
+			]}
+			destroyOnClose
+			className="role-details-delete-modal"
+		>
+			<p className="delete-text">
+				Are you sure you want to delete the role <strong>{roleName}</strong>? This
+				action cannot be undone.
+			</p>
+		</Modal>
+	);
+}
+
+export default DeleteRoleModal;

frontend/src/container/RolesSettings/RolesComponents/RolesListingTable.tsx

@@ -5,11 +5,15 @@ import { useListRoles } from 'api/generated/services/role';
 import { RoletypesRoleDTO } from 'api/generated/services/sigNoz.schemas';
 import ErrorInPlace from 'components/ErrorInPlace/ErrorInPlace';
 import { DATE_TIME_FORMATS } from 'constants/dateTimeFormats';
+import ROUTES from 'constants/routes';
 import useUrlQuery from 'hooks/useUrlQuery';
 import LineClampedText from 'periscope/components/LineClampedText/LineClampedText';
 import { useTimezone } from 'providers/Timezone';
+import { RoleType } from 'types/roles';
 import { toAPIError } from 'utils/errorUtils';
 
+import { IS_ROLE_DETAILS_AND_CRUD_ENABLED } from '../config';
+
 import '../RolesSettings.styles.scss';
 
 const PAGE_SIZE = 20;
@@ -68,11 +72,15 @@ function RolesListingTable({
 	}, [roles, searchQuery]);
 
 	const managedRoles = useMemo(
-		() => filteredRoles.filter((role) => role.type?.toLowerCase() === 'managed'),
+		() =>
+			filteredRoles.filter(
+				(role) => role.type?.toLowerCase() === RoleType.MANAGED,
+			),
 		[filteredRoles],
 	);
 	const customRoles = useMemo(
-		() => filteredRoles.filter((role) => role.type?.toLowerCase() === 'custom'),
+		() =>
+			filteredRoles.filter((role) => role.type?.toLowerCase() === RoleType.CUSTOM),
 		[filteredRoles],
 	);
 
@@ -174,9 +182,34 @@ function RolesListingTable({
 		);
 	}
 
+	const navigateToRole = (roleId: string): void => {
+		history.push(ROUTES.ROLE_DETAILS.replace(':roleId', roleId));
+	};
+
 	// todo: use table from periscope when its available for consumption
 	const renderRow = (role: RoletypesRoleDTO): JSX.Element => (
-		<div key={role.id} className="roles-table-row">
+		<div
+			key={role.id}
+			className={`roles-table-row ${
+				IS_ROLE_DETAILS_AND_CRUD_ENABLED ? 'roles-table-row--clickable' : ''
+			}`}
+			role="button"
+			tabIndex={IS_ROLE_DETAILS_AND_CRUD_ENABLED ? 0 : -1}
+			onClick={(): void => {
+				if (IS_ROLE_DETAILS_AND_CRUD_ENABLED && role.id) {
+					navigateToRole(role.id);
+				}
+			}}
+			onKeyDown={(e): void => {
+				if (
+					IS_ROLE_DETAILS_AND_CRUD_ENABLED &&
+					(e.key === 'Enter' || e.key === ' ') &&
+					role.id
+				) {
+					navigateToRole(role.id);
+				}
+			}}
+		>
 			<div className="roles-table-cell roles-table-cell--name">
 				{role.name ?? '—'}
 			</div>

frontend/src/container/RolesSettings/RolesSettings.styles.scss

@@ -2,6 +2,7 @@
 	.roles-settings-header {
 		display: flex;
 		flex-direction: column;
+		align-items: flex-start;
 		gap: 4px;
 		width: 100%;
 		padding: 16px;
@@ -31,8 +32,28 @@
 		padding: 0 16px;
 	}
 
+	.roles-settings-toolbar {
+		display: flex;
+		align-items: center;
+		gap: 8px;
+		margin-bottom: 12px;
+
+		.role-settings-toolbar-button {
+			display: flex;
+			width: 156px;
+			height: 32px;
+			padding: 6px 12px;
+			justify-content: center;
+			align-items: center;
+			gap: 6px;
+			border-radius: 2px;
+		}
+	}
+
 	// todo: https://github.com/SigNoz/components/issues/116
 	.roles-search-wrapper {
+		flex: 1;
+
 		input {
 			width: 100%;
 			background: var(--l3-background);
@@ -153,6 +174,14 @@
 	background: rgba(171, 189, 255, 0.02);
 	border-bottom: 1px solid var(--secondary);
 	gap: 24px;
+
+	&--clickable {
+		cursor: pointer;
+
+		&:hover {
+			background: rgba(171, 189, 255, 0.05);
+		}
+	}
 }
 
 .roles-table-cell {
@@ -235,4 +264,136 @@
 	.roles-table-row {
 		background: rgba(0, 0, 0, 0.01);
 	}
+
+	.create-role-modal {
+		.ant-modal-title {
+			color: var(--text-base-black);
+		}
+	}
+}
+
+.create-role-modal {
+	.ant-modal-content {
+		padding: 0;
+		background: var(--l2-background);
+		border: 1px solid var(--secondary);
+		border-radius: 4px;
+	}
+
+	.ant-modal-header {
+		background: var(--l2-background);
+		border-bottom: 1px solid var(--secondary);
+		padding: 16px;
+		margin-bottom: 0;
+	}
+
+	.ant-modal-close {
+		top: 14px;
+		inset-inline-end: 16px;
+		width: 14px;
+		height: 14px;
+		color: var(--foreground);
+
+		.ant-modal-close-x {
+			font-size: 12px;
+			display: flex;
+			align-items: center;
+			justify-content: center;
+		}
+	}
+
+	.ant-modal-title {
+		color: var(--text-base-white);
+		font-family: Inter;
+		font-size: 13px;
+		font-weight: 400;
+		line-height: 1;
+		letter-spacing: -0.065px;
+	}
+
+	.ant-modal-body {
+		padding: 16px;
+	}
+
+	.create-role-form {
+		display: flex;
+		flex-direction: column;
+		gap: 16px;
+
+		.ant-form-item {
+			margin-bottom: 0;
+		}
+
+		.ant-form-item-label {
+			padding-bottom: 8px;
+
+			label {
+				color: var(--foreground);
+				font-family: Inter;
+				font-size: 14px;
+				font-weight: 400;
+				line-height: 20px;
+			}
+		}
+
+		// todo: https://github.com/SigNoz/components/issues/116
+		input,
+		textarea {
+			width: 100%;
+			background: var(--l3-background);
+			border: 1px solid var(--l3-border);
+			border-radius: 2px;
+			padding: 6px 8px;
+			font-family: Inter;
+			font-size: 14px;
+			font-weight: 400;
+			line-height: 18px;
+			letter-spacing: -0.07px;
+			color: var(--l1-foreground);
+			outline: none;
+			box-shadow: none;
+
+			&::placeholder {
+				color: var(--l3-foreground);
+				opacity: 0.4;
+			}
+
+			&:focus,
+			&:hover {
+				border-color: var(--input);
+				box-shadow: none;
+			}
+		}
+
+		input {
+			height: 32px;
+		}
+
+		input:disabled {
+			opacity: 0.5;
+			cursor: not-allowed;
+
+			&:hover {
+				border-color: var(--l3-border);
+				box-shadow: none;
+			}
+		}
+
+		textarea {
+			min-height: 100px;
+			resize: vertical;
+		}
+	}
+
+	.ant-modal-footer {
+		display: flex;
+		flex-direction: row;
+		align-items: center;
+		justify-content: flex-end;
+		gap: 12px;
+		margin: 0;
+		padding: 0 16px;
+		height: 56px;
+		border-top: 1px solid var(--secondary);
+	}
 }

frontend/src/container/RolesSettings/RolesSettings.tsx

@@ -1,12 +1,17 @@
 import { useState } from 'react';
+import { Button } from '@signozhq/button';
+import { Plus } from '@signozhq/icons';
 import { Input } from '@signozhq/input';
 
+import { IS_ROLE_DETAILS_AND_CRUD_ENABLED } from './config';
+import CreateRoleModal from './RolesComponents/CreateRoleModal';
 import RolesListingTable from './RolesComponents/RolesListingTable';
 
 import './RolesSettings.styles.scss';
 
 function RolesSettings(): JSX.Element {
 	const [searchQuery, setSearchQuery] = useState('');
+	const [isCreateModalOpen, setIsCreateModalOpen] = useState(false);
 
 	return (
 		<div className="roles-settings" data-testid="roles-settings">
@@ -17,16 +22,33 @@ function RolesSettings(): JSX.Element {
 				</p>
 			</div>
 			<div className="roles-settings-content">
-				<div className="roles-search-wrapper">
-					<Input
-						type="search"
-						placeholder="Search for roles..."
-						value={searchQuery}
-						onChange={(e): void => setSearchQuery(e.target.value)}
-					/>
+				<div className="roles-settings-toolbar">
+					<div className="roles-search-wrapper">
+						<Input
+							type="search"
+							placeholder="Search for roles..."
+							value={searchQuery}
+							onChange={(e): void => setSearchQuery(e.target.value)}
+						/>
+					</div>
+					{IS_ROLE_DETAILS_AND_CRUD_ENABLED && (
+						<Button
+							variant="solid"
+							color="primary"
+							className="role-settings-toolbar-button"
+							onClick={(): void => setIsCreateModalOpen(true)}
+						>
+							<Plus size={14} />
+							Custom role
+						</Button>
+					)}
 				</div>
 				<RolesListingTable searchQuery={searchQuery} />
 			</div>
+			<CreateRoleModal
+				isOpen={isCreateModalOpen}
+				onClose={(): void => setIsCreateModalOpen(false)}
+			/>
 		</div>
 	);
 }

frontend/src/container/RolesSettings/__tests__/utils.test.ts

@@ -0,0 +1,384 @@
+import type {
+	AuthtypesGettableObjectsDTO,
+	AuthtypesGettableResourcesDTO,
+} from 'api/generated/services/sigNoz.schemas';
+
+import type {
+	PermissionConfig,
+	ResourceDefinition,
+} from '../PermissionSidePanel/PermissionSidePanel.types';
+import { PermissionScope } from '../PermissionSidePanel/PermissionSidePanel.types';
+import {
+	buildConfig,
+	buildPatchPayload,
+	configsEqual,
+	DEFAULT_RESOURCE_CONFIG,
+	derivePermissionTypes,
+	deriveResourcesForRelation,
+	objectsToPermissionConfig,
+} from '../utils';
+
+jest.mock('../RoleDetails/constants', () => {
+	const MockIcon = (): null => null;
+	return {
+		PERMISSION_ICON_MAP: {
+			create: MockIcon,
+			list: MockIcon,
+			read: MockIcon,
+			update: MockIcon,
+			delete: MockIcon,
+		},
+		FALLBACK_PERMISSION_ICON: MockIcon,
+		ROLE_ID_REGEX: /\/settings\/roles\/([^/]+)/,
+	};
+});
+
+const dashboardResource: AuthtypesGettableResourcesDTO['resources'][number] = {
+	name: 'dashboard',
+	type: 'metaresource',
+};
+
+const alertResource: AuthtypesGettableResourcesDTO['resources'][number] = {
+	name: 'alert',
+	type: 'metaresource',
+};
+
+const baseAuthzResources: AuthtypesGettableResourcesDTO = {
+	resources: [dashboardResource, alertResource],
+	relations: {
+		create: ['metaresource'],
+		read: ['metaresource'],
+	},
+};
+
+const resourceDefs: ResourceDefinition[] = [
+	{ id: 'dashboard', label: 'Dashboard' },
+	{ id: 'alert', label: 'Alert' },
+];
+
+const ID_A = 'aaaaaaaa-0000-0000-0000-000000000001';
+const ID_B = 'bbbbbbbb-0000-0000-0000-000000000002';
+const ID_C = 'cccccccc-0000-0000-0000-000000000003';
+
+describe('buildPatchPayload', () => {
+	it('sends only the added selector as an addition', () => {
+		const initial: PermissionConfig = {
+			dashboard: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [ID_A] },
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+		const newConfig: PermissionConfig = {
+			dashboard: {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [ID_A, ID_B],
+			},
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+
+		const result = buildPatchPayload({
+			newConfig,
+			initialConfig: initial,
+			resources: resourceDefs,
+			authzRes: baseAuthzResources,
+		});
+
+		expect(result.additions).toEqual([
+			{ resource: dashboardResource, selectors: [ID_B] },
+		]);
+		expect(result.deletions).toBeNull();
+	});
+
+	it('sends only the removed selector as a deletion', () => {
+		const initial: PermissionConfig = {
+			dashboard: {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [ID_A, ID_B, ID_C],
+			},
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+		const newConfig: PermissionConfig = {
+			dashboard: {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [ID_A, ID_C],
+			},
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+
+		const result = buildPatchPayload({
+			newConfig,
+			initialConfig: initial,
+			resources: resourceDefs,
+			authzRes: baseAuthzResources,
+		});
+
+		expect(result.deletions).toEqual([
+			{ resource: dashboardResource, selectors: [ID_B] },
+		]);
+		expect(result.additions).toBeNull();
+	});
+
+	it('treats selector order as irrelevant — produces no payload when IDs are identical', () => {
+		const initial: PermissionConfig = {
+			dashboard: {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [ID_A, ID_B],
+			},
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+		const newConfig: PermissionConfig = {
+			dashboard: {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [ID_B, ID_A],
+			},
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+
+		const result = buildPatchPayload({
+			newConfig,
+			initialConfig: initial,
+			resources: resourceDefs,
+			authzRes: baseAuthzResources,
+		});
+
+		expect(result.additions).toBeNull();
+		expect(result.deletions).toBeNull();
+	});
+
+	it('replaces wildcard with specific IDs when switching all → only_selected', () => {
+		const initial: PermissionConfig = {
+			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+		const newConfig: PermissionConfig = {
+			dashboard: {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [ID_A, ID_B],
+			},
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+
+		const result = buildPatchPayload({
+			newConfig,
+			initialConfig: initial,
+			resources: resourceDefs,
+			authzRes: baseAuthzResources,
+		});
+
+		expect(result.deletions).toEqual([
+			{ resource: dashboardResource, selectors: ['*'] },
+		]);
+		expect(result.additions).toEqual([
+			{ resource: dashboardResource, selectors: [ID_A, ID_B] },
+		]);
+	});
+
+	it('only deletes wildcard when switching all → only_selected with empty selector list', () => {
+		const initial: PermissionConfig = {
+			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+		const newConfig: PermissionConfig = {
+			dashboard: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+
+		const result = buildPatchPayload({
+			newConfig,
+			initialConfig: initial,
+			resources: resourceDefs,
+			authzRes: baseAuthzResources,
+		});
+
+		expect(result.deletions).toEqual([
+			{ resource: dashboardResource, selectors: ['*'] },
+		]);
+		expect(result.additions).toBeNull();
+	});
+
+	it('only includes resources that actually changed', () => {
+		const initial: PermissionConfig = {
+			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [ID_A] },
+		};
+		const newConfig: PermissionConfig = {
+			dashboard: { scope: PermissionScope.ALL, selectedIds: [] }, // unchanged
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [ID_A, ID_B] }, // added ID_B
+		};
+
+		const result = buildPatchPayload({
+			newConfig,
+			initialConfig: initial,
+			resources: resourceDefs,
+			authzRes: baseAuthzResources,
+		});
+
+		expect(result.additions).toEqual([
+			{ resource: alertResource, selectors: [ID_B] },
+		]);
+		expect(result.deletions).toBeNull();
+	});
+});
+
+describe('objectsToPermissionConfig', () => {
+	it('maps a wildcard selector to ALL scope', () => {
+		const objects: AuthtypesGettableObjectsDTO[] = [
+			{ resource: dashboardResource, selectors: ['*'] },
+		];
+
+		const result = objectsToPermissionConfig(objects, resourceDefs);
+
+		expect(result.dashboard).toEqual({
+			scope: PermissionScope.ALL,
+			selectedIds: [],
+		});
+	});
+
+	it('maps specific selectors to ONLY_SELECTED scope with the IDs', () => {
+		const objects: AuthtypesGettableObjectsDTO[] = [
+			{ resource: dashboardResource, selectors: [ID_A, ID_B] },
+		];
+
+		const result = objectsToPermissionConfig(objects, resourceDefs);
+
+		expect(result.dashboard).toEqual({
+			scope: PermissionScope.ONLY_SELECTED,
+			selectedIds: [ID_A, ID_B],
+		});
+	});
+
+	it('defaults to ONLY_SELECTED with empty selectedIds when resource is absent from API response', () => {
+		const result = objectsToPermissionConfig([], resourceDefs);
+
+		expect(result.dashboard).toEqual({
+			scope: PermissionScope.ONLY_SELECTED,
+			selectedIds: [],
+		});
+		expect(result.alert).toEqual({
+			scope: PermissionScope.ONLY_SELECTED,
+			selectedIds: [],
+		});
+	});
+});
+
+describe('configsEqual', () => {
+	it('returns true for identical configs', () => {
+		const config: PermissionConfig = {
+			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
+			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [ID_A] },
+		};
+
+		expect(configsEqual(config, { ...config })).toBe(true);
+	});
+
+	it('returns false when configs differ', () => {
+		const a: PermissionConfig = {
+			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
+		};
+		const b: PermissionConfig = {
+			dashboard: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
+		};
+
+		expect(configsEqual(a, b)).toBe(false);
+
+		const c: PermissionConfig = {
+			dashboard: {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [ID_C, ID_B],
+			},
+		};
+		const d: PermissionConfig = {
+			dashboard: {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [ID_A, ID_B],
+			},
+		};
+
+		expect(configsEqual(c, d)).toBe(false);
+	});
+
+	it('returns true when selectedIds are the same but in different order', () => {
+		const a: PermissionConfig = {
+			dashboard: {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [ID_A, ID_B],
+			},
+		};
+		const b: PermissionConfig = {
+			dashboard: {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [ID_B, ID_A],
+			},
+		};
+
+		expect(configsEqual(a, b)).toBe(true);
+	});
+});
+
+describe('buildConfig', () => {
+	it('uses initial values when provided and defaults for resources not in initial', () => {
+		const initial: PermissionConfig = {
+			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
+		};
+
+		const result = buildConfig(resourceDefs, initial);
+
+		expect(result.dashboard).toEqual({
+			scope: PermissionScope.ALL,
+			selectedIds: [],
+		});
+		expect(result.alert).toEqual(DEFAULT_RESOURCE_CONFIG);
+	});
+
+	it('applies DEFAULT_RESOURCE_CONFIG to all resources when no initial is provided', () => {
+		const result = buildConfig(resourceDefs);
+
+		expect(result.dashboard).toEqual(DEFAULT_RESOURCE_CONFIG);
+		expect(result.alert).toEqual(DEFAULT_RESOURCE_CONFIG);
+	});
+});
+
+describe('derivePermissionTypes', () => {
+	it('derives one PermissionType per relation key with correct key and capitalised label', () => {
+		const relations: AuthtypesGettableResourcesDTO['relations'] = {
+			create: ['metaresource'],
+			read: ['metaresource'],
+			delete: ['metaresource'],
+		};
+
+		const result = derivePermissionTypes(relations);
+
+		expect(result).toHaveLength(3);
+		expect(result.map((p) => p.key)).toEqual(['create', 'read', 'delete']);
+		expect(result[0].label).toBe('Create');
+	});
+
+	it('falls back to the default set of permission types when relations is null', () => {
+		const result = derivePermissionTypes(null);
+
+		expect(result.map((p) => p.key)).toEqual([
+			'create',
+			'list',
+			'read',
+			'update',
+			'delete',
+		]);
+	});
+});
+
+describe('deriveResourcesForRelation', () => {
+	it('returns resources whose type matches the relation', () => {
+		const result = deriveResourcesForRelation(baseAuthzResources, 'create');
+
+		expect(result).toHaveLength(2);
+		expect(result.map((r) => r.id)).toEqual(['dashboard', 'alert']);
+	});
+
+	it('returns an empty array when authzResources is null', () => {
+		expect(deriveResourcesForRelation(null, 'create')).toHaveLength(0);
+	});
+
+	it('returns an empty array when the relation is not defined in the map', () => {
+		expect(
+			deriveResourcesForRelation(baseAuthzResources, 'nonexistent'),
+		).toHaveLength(0);
+	});
+});

frontend/src/container/RolesSettings/config.ts

@@ -0,0 +1 @@
+export const IS_ROLE_DETAILS_AND_CRUD_ENABLED = false;

frontend/src/container/RolesSettings/utils.tsx

@@ -0,0 +1,226 @@
+import React from 'react';
+import { Badge } from '@signozhq/badge';
+import type {
+	AuthtypesGettableObjectsDTO,
+	AuthtypesGettableResourcesDTO,
+} from 'api/generated/services/sigNoz.schemas';
+import { DATE_TIME_FORMATS } from 'constants/dateTimeFormats';
+import { capitalize } from 'lodash-es';
+import { useTimezone } from 'providers/Timezone';
+
+import type {
+	PermissionConfig,
+	ResourceConfig,
+	ResourceDefinition,
+} from './PermissionSidePanel/PermissionSidePanel.types';
+import { PermissionScope } from './PermissionSidePanel/PermissionSidePanel.types';
+import {
+	FALLBACK_PERMISSION_ICON,
+	PERMISSION_ICON_MAP,
+} from './RoleDetails/constants';
+
+export interface PermissionType {
+	key: string;
+	label: string;
+	icon: JSX.Element;
+}
+
+export interface PatchPayloadOptions {
+	newConfig: PermissionConfig;
+	initialConfig: PermissionConfig;
+	resources: ResourceDefinition[];
+	authzRes: AuthtypesGettableResourcesDTO;
+}
+
+export function derivePermissionTypes(
+	relations: AuthtypesGettableResourcesDTO['relations'] | null,
+): PermissionType[] {
+	const iconSize = { size: 14 };
+
+	if (!relations) {
+		return Object.entries(PERMISSION_ICON_MAP).map(([key, IconComp]) => ({
+			key,
+			label: capitalize(key),
+			icon: React.createElement(IconComp, iconSize),
+		}));
+	}
+	return Object.keys(relations).map((key) => {
+		const IconComp = PERMISSION_ICON_MAP[key] ?? FALLBACK_PERMISSION_ICON;
+		return {
+			key,
+			label: capitalize(key),
+			icon: React.createElement(IconComp, iconSize),
+		};
+	});
+}
+
+export function deriveResourcesForRelation(
+	authzResources: AuthtypesGettableResourcesDTO | null,
+	relation: string,
+): ResourceDefinition[] {
+	if (!authzResources?.relations) {
+		return [];
+	}
+	const supportedTypes = authzResources.relations[relation] ?? [];
+	return authzResources.resources
+		.filter((r) => supportedTypes.includes(r.type))
+		.map((r) => ({
+			id: r.name,
+			label: capitalize(r.name).replace(/_/g, ' '),
+			options: [],
+		}));
+}
+
+export function objectsToPermissionConfig(
+	objects: AuthtypesGettableObjectsDTO[],
+	resources: ResourceDefinition[],
+): PermissionConfig {
+	const config: PermissionConfig = {};
+	for (const res of resources) {
+		const obj = objects.find((o) => o.resource.name === res.id);
+		if (!obj) {
+			config[res.id] = {
+				scope: PermissionScope.ONLY_SELECTED,
+				selectedIds: [],
+			};
+		} else {
+			const isAll = obj.selectors.includes('*');
+			config[res.id] = {
+				scope: isAll ? PermissionScope.ALL : PermissionScope.ONLY_SELECTED,
+				selectedIds: isAll ? [] : obj.selectors,
+			};
+		}
+	}
+	return config;
+}
+
+// eslint-disable-next-line sonarjs/cognitive-complexity
+export function buildPatchPayload({
+	newConfig,
+	initialConfig,
+	resources,
+	authzRes,
+}: PatchPayloadOptions): {
+	additions: AuthtypesGettableObjectsDTO[] | null;
+	deletions: AuthtypesGettableObjectsDTO[] | null;
+} {
+	if (!authzRes) {
+		return { additions: null, deletions: null };
+	}
+	const additions: AuthtypesGettableObjectsDTO[] = [];
+	const deletions: AuthtypesGettableObjectsDTO[] = [];
+
+	for (const res of resources) {
+		const initial = initialConfig[res.id];
+		const current = newConfig[res.id];
+		const resourceDef = authzRes.resources.find((r) => r.name === res.id);
+		if (!resourceDef) {
+			continue;
+		}
+
+		const initialScope = initial?.scope ?? PermissionScope.ONLY_SELECTED;
+		const currentScope = current?.scope ?? PermissionScope.ONLY_SELECTED;
+
+		if (initialScope === currentScope) {
+			// Same scope — only diff individual selectors when both are ONLY_SELECTED
+			if (initialScope === PermissionScope.ONLY_SELECTED) {
+				const initialIds = new Set(initial?.selectedIds ?? []);
+				const currentIds = new Set(current?.selectedIds ?? []);
+				const removed = [...initialIds].filter((id) => !currentIds.has(id));
+				const added = [...currentIds].filter((id) => !initialIds.has(id));
+				if (removed.length > 0) {
+					deletions.push({ resource: resourceDef, selectors: removed });
+				}
+				if (added.length > 0) {
+					additions.push({ resource: resourceDef, selectors: added });
+				}
+			}
+			// Both ALL → no change, skip
+		} else {
+			// Scope changed (ALL ↔ ONLY_SELECTED) — replace old with new
+			const initialSelectors =
+				initialScope === PermissionScope.ALL ? ['*'] : initial?.selectedIds ?? [];
+			if (initialSelectors.length > 0) {
+				deletions.push({ resource: resourceDef, selectors: initialSelectors });
+			}
+			const currentSelectors =
+				currentScope === PermissionScope.ALL ? ['*'] : current?.selectedIds ?? [];
+			if (currentSelectors.length > 0) {
+				additions.push({ resource: resourceDef, selectors: currentSelectors });
+			}
+		}
+	}
+
+	return {
+		additions: additions.length > 0 ? additions : null,
+		deletions: deletions.length > 0 ? deletions : null,
+	};
+}
+
+interface TimestampBadgeProps {
+	date?: Date | string;
+}
+
+export function TimestampBadge({ date }: TimestampBadgeProps): JSX.Element {
+	const { formatTimezoneAdjustedTimestamp } = useTimezone();
+
+	if (!date) {
+		return <Badge color="vanilla">—</Badge>;
+	}
+
+	const d = new Date(date);
+	if (Number.isNaN(d.getTime())) {
+		return <Badge color="vanilla">—</Badge>;
+	}
+
+	const formatted = formatTimezoneAdjustedTimestamp(
+		date,
+		DATE_TIME_FORMATS.DASH_DATETIME,
+	);
+
+	return <Badge color="vanilla">{formatted}</Badge>;
+}
+
+export const DEFAULT_RESOURCE_CONFIG: ResourceConfig = {
+	scope: PermissionScope.ONLY_SELECTED,
+	selectedIds: [],
+};
+
+export function buildConfig(
+	resources: ResourceDefinition[],
+	initial?: PermissionConfig,
+): PermissionConfig {
+	const config: PermissionConfig = {};
+	resources.forEach((r) => {
+		config[r.id] = initial?.[r.id] ?? { ...DEFAULT_RESOURCE_CONFIG };
+	});
+	return config;
+}
+
+export function isResourceConfigEqual(
+	ac: ResourceConfig,
+	bc?: ResourceConfig,
+): boolean {
+	if (!bc) {
+		return false;
+	}
+	return (
+		ac.scope === bc.scope &&
+		JSON.stringify([...ac.selectedIds].sort()) ===
+			JSON.stringify([...bc.selectedIds].sort())
+	);
+}
+
+export function configsEqual(
+	a: PermissionConfig,
+	b: PermissionConfig,
+): boolean {
+	const keysA = Object.keys(a);
+	const keysB = Object.keys(b);
+
+	if (keysA.length !== keysB.length) {
+		return false;
+	}
+
+	return keysA.every((id) => isResourceConfigEqual(a[id], b[id]));
+}

frontend/src/container/TopNav/DateTimeSelectionV2/constants.ts

@@ -160,6 +160,7 @@ export const routesToSkip = [
 	ROUTES.LOGS_PIPELINES,
 	ROUTES.BILLING,
 	ROUTES.ROLES_SETTINGS,
+	ROUTES.ROLE_DETAILS,
 	ROUTES.SUPPORT,
 	ROUTES.WORKSPACE_LOCKED,
 	ROUTES.WORKSPACE_SUSPENDED,

frontend/src/mocks-server/__mockdata__/roles.ts

@@ -62,3 +62,6 @@ export const listRolesSuccessResponse = {
 	status: 'success',
 	data: allRoles,
 };
+
+export const customRoleResponse = { status: 'success', data: customRoles[0] };
+export const managedRoleResponse = { status: 'success', data: managedRoles[0] };

frontend/src/pages/Settings/Settings.tsx

@@ -109,6 +109,7 @@ function SettingsPage(): JSX.Element {
 						isEnabled:
 							item.key === ROUTES.BILLING ||
 							item.key === ROUTES.ROLES_SETTINGS ||
+							item.key === ROUTES.ROLE_DETAILS ||
 							item.key === ROUTES.INTEGRATIONS ||
 							item.key === ROUTES.API_KEYS ||
 							item.key === ROUTES.ORG_SETTINGS ||
@@ -137,7 +138,8 @@ function SettingsPage(): JSX.Element {
 						isEnabled:
 							item.key === ROUTES.API_KEYS ||
 							item.key === ROUTES.ORG_SETTINGS ||
-							item.key === ROUTES.ROLES_SETTINGS
+							item.key === ROUTES.ROLES_SETTINGS ||
+							item.key === ROUTES.ROLE_DETAILS
 								? true
 								: item.isEnabled,
 					}));
@@ -229,6 +231,13 @@ function SettingsPage(): JSX.Element {
 			return true;
 		}
 
+		if (
+			pathname.startsWith(ROUTES.ROLES_SETTINGS) &&
+			key === ROUTES.ROLES_SETTINGS
+		) {
+			return true;
+		}
+
 		return pathname === key;
 	};
 

frontend/src/pages/Settings/config.tsx

@@ -13,6 +13,7 @@ import MultiIngestionSettings from 'container/IngestionSettings/MultiIngestionSe
 import MySettings from 'container/MySettings';
 import OrganizationSettings from 'container/OrganizationSettings';
 import RolesSettings from 'container/RolesSettings';
+import RoleDetailsPage from 'container/RolesSettings/RoleDetails';
 import { TFunction } from 'i18next';
 import {
 	Backpack,
@@ -163,6 +164,19 @@ export const rolesSettings = (t: TFunction): RouteTabProps['routes'] => [
 	},
 ];
 
+export const roleDetails = (t: TFunction): RouteTabProps['routes'] => [
+	{
+		Component: RoleDetailsPage,
+		name: (
+			<div className="periscope-tab">
+				<Shield size={16} /> {t('routes:role_details').toString()}
+			</div>
+		),
+		route: ROUTES.ROLE_DETAILS,
+		key: ROUTES.ROLE_DETAILS,
+	},
+];
+
 export const keyboardShortcuts = (t: TFunction): RouteTabProps['routes'] => [
 	{
 		Component: Shortcuts,

frontend/src/pages/Settings/utils.ts

@@ -15,6 +15,7 @@ import {
 	multiIngestionSettings,
 	mySettings,
 	organizationSettings,
+	roleDetails,
 	rolesSettings,
 } from './config';
 
@@ -68,7 +69,7 @@ export const getRoutes = (
 	}
 
 	if (isAdmin) {
-		settings.push(...rolesSettings(t));
+		settings.push(...rolesSettings(t), ...roleDetails(t));
 	}
 
 	settings.push(

frontend/src/tests/test-utils.tsx

@@ -245,6 +245,7 @@ export function getAppContextMock(
 			ee: 'Y',
 			setupCompleted: true,
 		},
+
 		...appContextOverrides,
 	};
 }

frontend/src/types/roles.ts

@@ -11,3 +11,8 @@ export const USER_ROLES = {
 	EDITOR: 'EDITOR',
 	AUTHOR: 'AUTHOR',
 };
+
+export enum RoleType {
+	MANAGED = 'managed',
+	CUSTOM = 'custom',
+}

frontend/src/utils/errorUtils.ts

@@ -1,6 +1,6 @@
-import { ErrorResponseHandlerV2 } from 'api/ErrorResponseHandlerV2';
-import { AxiosError } from 'axios';
-import { ErrorV2Resp } from 'types/api';
+import { ErrorResponseHandlerForGeneratedAPIs } from 'api/ErrorResponseHandlerForGeneratedAPIs';
+import { RenderErrorResponseDTO } from 'api/generated/services/sigNoz.schemas';
+import { ErrorType } from 'api/generatedAPIInstance';
 import APIError from 'types/api/error';
 
 /**
@@ -35,11 +35,11 @@ export const isRetryableError = (error: any): boolean => {
 };
 
 export function toAPIError(
-	error: unknown,
+	error: ErrorType<RenderErrorResponseDTO>,
 	defaultMessage = 'An unexpected error occurred.',
 ): APIError {
 	try {
-		ErrorResponseHandlerV2(error as AxiosError<ErrorV2Resp>);
+		ErrorResponseHandlerForGeneratedAPIs(error);
 	} catch (apiError) {
 		if (apiError instanceof APIError) {
 			return apiError;
@@ -55,3 +55,14 @@ export function toAPIError(
 		},
 	});
 }
+
+export function handleApiError(
+	err: ErrorType<RenderErrorResponseDTO>,
+	showErrorFunction: (error: APIError) => void,
+): void {
+	try {
+		ErrorResponseHandlerForGeneratedAPIs(err);
+	} catch (apiError) {
+		showErrorFunction(apiError as APIError);
+	}
+}

frontend/src/utils/permission/index.ts

@@ -98,6 +98,7 @@ export const routePermission: Record<keyof typeof ROUTES, ROLES[]> = {
 	WORKSPACE_LOCKED: ['ADMIN', 'EDITOR', 'VIEWER'],
 	WORKSPACE_SUSPENDED: ['ADMIN', 'EDITOR', 'VIEWER'],
 	ROLES_SETTINGS: ['ADMIN'],
+	ROLE_DETAILS: ['ADMIN'],
 	BILLING: ['ADMIN'],
 	SUPPORT: ['ADMIN', 'EDITOR', 'VIEWER'],
 	SOMETHING_WENT_WRONG: ['ADMIN', 'EDITOR', 'VIEWER'],

frontend/yarn.lock

@@ -4476,6 +4476,28 @@
     "@radix-ui/react-roving-focus" "1.0.4"
     "@radix-ui/react-use-controllable-state" "1.0.1"
 
+"@radix-ui/react-toggle-group@^1.1.7":
+  version "1.1.11"
+  resolved "https://registry.yarnpkg.com/@radix-ui/react-toggle-group/-/react-toggle-group-1.1.11.tgz#e513d6ffdb07509b400ab5b26f2523747c0d51c1"
+  integrity sha512-5umnS0T8JQzQT6HbPyO7Hh9dgd82NmS36DQr+X/YJ9ctFNCiiQd6IJAYYZ33LUwm8M+taCz5t2ui29fHZc4Y6Q==
+  dependencies:
+    "@radix-ui/primitive" "1.1.3"
+    "@radix-ui/react-context" "1.1.2"
+    "@radix-ui/react-direction" "1.1.1"
+    "@radix-ui/react-primitive" "2.1.3"
+    "@radix-ui/react-roving-focus" "1.1.11"
+    "@radix-ui/react-toggle" "1.1.10"
+    "@radix-ui/react-use-controllable-state" "1.2.2"
+
+"@radix-ui/react-toggle@1.1.10", "@radix-ui/react-toggle@^1.1.6":
+  version "1.1.10"
+  resolved "https://registry.yarnpkg.com/@radix-ui/react-toggle/-/react-toggle-1.1.10.tgz#b04ba0f9609599df666fce5b2f38109a197f08cf"
+  integrity sha512-lS1odchhFTeZv3xwHH31YPObmJn8gOg7Lq12inrr0+BH/l3Tsq32VfjqH1oh80ARM3mlkfMic15n0kg4sD1poQ==
+  dependencies:
+    "@radix-ui/primitive" "1.1.3"
+    "@radix-ui/react-primitive" "2.1.3"
+    "@radix-ui/react-use-controllable-state" "1.2.2"
+
 "@radix-ui/react-tooltip@1.0.7":
   version "1.0.7"
   resolved "https://registry.yarnpkg.com/@radix-ui/react-tooltip/-/react-tooltip-1.0.7.tgz#8f55070f852e7e7450cc1d9210b793d2e5a7686e"
@@ -5178,6 +5200,21 @@
     tailwind-merge "^2.5.2"
     tailwindcss-animate "^1.0.7"
 
+"@signozhq/toggle-group@^0.0.1":
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/@signozhq/toggle-group/-/toggle-group-0.0.1.tgz#c82ff1da34e77b24da53c2d595ad6b4a0d1b1de4"
+  integrity sha512-871bQayL5MaqsuNOFHKexidu9W2Hlg1y4xmH8C5mGmlfZ4bd0ovJ9OweQrM6Puys3jeMwi69xmJuesYCfKQc1g==
+  dependencies:
+    "@radix-ui/react-icons" "^1.3.0"
+    "@radix-ui/react-slot" "^1.1.0"
+    "@radix-ui/react-toggle" "^1.1.6"
+    "@radix-ui/react-toggle-group" "^1.1.7"
+    class-variance-authority "^0.7.0"
+    clsx "^2.1.1"
+    lucide-react "^0.445.0"
+    tailwind-merge "^2.5.2"
+    tailwindcss-animate "^1.0.7"
+
 "@signozhq/tooltip@0.0.2":
   version "0.0.2"
   resolved "https://registry.yarnpkg.com/@signozhq/tooltip/-/tooltip-0.0.2.tgz#bb4e2681868fa2e06db78eff5872ffb2a78b93b6"

pkg/modules/cloudintegration/cloudintegration.go

@@ -1,62 +0,0 @@
-package cloudintegration
-
-import (
-	"context"
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-type Module interface {
-	GetName() cloudintegrationtypes.CloudProviderType
-
-	// AgentCheckIn is called by agent to heartbeat and get latest config in response.
-	AgentCheckIn(ctx context.Context, req *cloudintegrationtypes.PostableAgentCheckInPayload) (any, error)
-
-	GenerateConnectionParams(ctx context.Context) (*cloudintegrationtypes.GettableCloudIntegrationConnectionParams, error)
-	// GenerateConnectionArtifact generates cloud provider specific connection information, client side handles how this information is shown
-	GenerateConnectionArtifact(ctx context.Context, req *cloudintegrationtypes.PostableConnectionArtifact) (any, error)
-	// GetAccountStatus returns agent connection status for a cloud integration account
-	GetAccountStatus(ctx context.Context, orgID, accountID string) (*cloudintegrationtypes.GettableAccountStatus, error)
-	// ListConnectedAccounts lists accounts where agent is connected
-	ListConnectedAccounts(ctx context.Context, orgID string) (*cloudintegrationtypes.GettableConnectedAccountsList, error)
-
-	// LIstServices return list of services for a cloud provider attached with the accountID. This just returns a summary
-	ListServices(ctx context.Context, orgID string, accountID *string) (any, error) // returns either GettableAWSServices or GettableAzureServices
-	// GetServiceDetails returns service definition details for a serviceId. This returns config and other details required to show in service details page on client.
-	GetServiceDetails(ctx context.Context, req *cloudintegrationtypes.GetServiceDetailsReq) (any, error)
-
-	// GetDashboard returns dashboard json for a give cloud integration service dashboard.
-	// this only returns the dashboard when account is connected and service is enabled
-	GetDashboard(ctx context.Context, id string, orgID valuer.UUID) (*dashboardtypes.Dashboard, error)
-	// GetAvailableDashboards returns list of available dashboards across all connected cloud integration accounts in the org.
-	// this list gets added to dashboard list page
-	GetAvailableDashboards(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error)
-
-	// UpdateAccountConfig updates cloud integration account config
-	UpdateAccountConfig(ctx context.Context, orgId valuer.UUID, accountId string, config []byte) (any, error)
-	// UpdateServiceConfig updates cloud integration service config
-	UpdateServiceConfig(ctx context.Context, serviceId string, orgID valuer.UUID, config []byte) (any, error)
-
-	// DisconnectAccount soft deletes/removes a cloud integration account.
-	DisconnectAccount(ctx context.Context, orgID, accountID string) (*cloudintegrationtypes.CloudIntegration, error)
-}
-
-type Handler interface {
-	AgentCheckIn(http.ResponseWriter, *http.Request)
-
-	GenerateConnectionParams(http.ResponseWriter, *http.Request)
-	GenerateConnectionArtifact(http.ResponseWriter, *http.Request)
-
-	ListConnectedAccounts(http.ResponseWriter, *http.Request)
-	GetAccountStatus(http.ResponseWriter, *http.Request)
-	ListServices(http.ResponseWriter, *http.Request)
-	GetServiceDetails(http.ResponseWriter, *http.Request)
-
-	UpdateAccountConfig(http.ResponseWriter, *http.Request)
-	UpdateServiceConfig(http.ResponseWriter, *http.Request)
-
-	DisconnectAccount(http.ResponseWriter, *http.Request)
-}

pkg/modules/cloudintegration/implsqlstore/accounts.go

@@ -1,193 +0,0 @@
-package implcloudintegration
-
-import (
-	"context"
-	"database/sql"
-	"fmt"
-	"log/slog"
-	"strings"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/sqlstore"
-	"github.com/SigNoz/signoz/pkg/types"
-	cloudintegrationtypes "github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-var ErrCodeCloudIntegrationAccountNotFound = errors.MustNewCode("cloud_integration_account_not_found")
-
-// cloudProviderAccountsSQLRepository is a SQL-backed implementation of CloudIntegrationAccountStore.
-type cloudProviderAccountsSQLRepository struct {
-	store sqlstore.SQLStore
-}
-
-// NewSQLCloudIntegrationAccountStore constructs a SQL-backed CloudIntegrationAccountStore.
-func NewSQLCloudIntegrationAccountStore(store sqlstore.SQLStore) cloudintegrationtypes.CloudIntegrationAccountStore {
-	return &cloudProviderAccountsSQLRepository{store: store}
-}
-
-// -----------------------------
-// Account store implementation
-// -----------------------------
-
-func (r *cloudProviderAccountsSQLRepository) ListConnected(
-	ctx context.Context, orgId string, cloudProvider string,
-) ([]cloudintegrationtypes.CloudIntegration, error) {
-	accounts := []cloudintegrationtypes.CloudIntegration{}
-
-	err := r.store.BunDB().NewSelect().
-		Model(&accounts).
-		Where("org_id = ?", orgId).
-		Where("provider = ?", cloudProvider).
-		Where("removed_at is NULL").
-		Where("account_id is not NULL").
-		Where("last_agent_report is not NULL").
-		Order("created_at").
-		Scan(ctx)
-	if err != nil {
-		slog.ErrorContext(ctx, "error querying connected cloud accounts", "error", err)
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "could not query connected cloud accounts")
-	}
-
-	return accounts, nil
-}
-
-func (r *cloudProviderAccountsSQLRepository) Get(
-	ctx context.Context, orgId string, provider string, id string,
-) (*cloudintegrationtypes.CloudIntegration, error) {
-	var result cloudintegrationtypes.CloudIntegration
-
-	err := r.store.BunDB().NewSelect().
-		Model(&result).
-		Where("org_id = ?", orgId).
-		Where("provider = ?", provider).
-		Where("id = ?", id).
-		Scan(ctx)
-	if err != nil {
-		if errors.Is(err, sql.ErrNoRows) {
-			return nil, errors.WrapNotFoundf(
-				err,
-				ErrCodeCloudIntegrationAccountNotFound,
-				"couldn't find account with Id %s", id,
-			)
-		}
-
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't query cloud provider account")
-	}
-
-	return &result, nil
-}
-
-func (r *cloudProviderAccountsSQLRepository) GetConnectedCloudAccount(
-	ctx context.Context, orgId string, provider string, accountId string,
-) (*cloudintegrationtypes.CloudIntegration, error) {
-	var result cloudintegrationtypes.CloudIntegration
-
-	err := r.store.BunDB().NewSelect().
-		Model(&result).
-		Where("org_id = ?", orgId).
-		Where("provider = ?", provider).
-		Where("account_id = ?", accountId).
-		Where("last_agent_report is not NULL").
-		Where("removed_at is NULL").
-		Scan(ctx)
-
-	if errors.Is(err, sql.ErrNoRows) {
-		return nil, errors.WrapNotFoundf(err, ErrCodeCloudIntegrationAccountNotFound, "couldn't find connected cloud account %s", accountId)
-	} else if err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't query cloud provider account")
-	}
-
-	return &result, nil
-}
-
-func (r *cloudProviderAccountsSQLRepository) Upsert(
-	ctx context.Context,
-	orgId string,
-	provider string,
-	id *string,
-	config []byte,
-	accountId *string,
-	agentReport *cloudintegrationtypes.AgentReport,
-	removedAt *time.Time,
-) (*cloudintegrationtypes.CloudIntegration, error) {
-	// Insert
-	if id == nil {
-		temp := valuer.GenerateUUID().StringValue()
-		id = &temp
-	}
-
-	// Prepare clause for setting values in `on conflict do update`
-	onConflictSetStmts := []string{}
-	setColStatement := func(col string) string {
-		return fmt.Sprintf("%s=excluded.%s", col, col)
-	}
-
-	if config != nil {
-		onConflictSetStmts = append(
-			onConflictSetStmts, setColStatement("config"),
-		)
-	}
-
-	if accountId != nil {
-		onConflictSetStmts = append(
-			onConflictSetStmts, setColStatement("account_id"),
-		)
-	}
-
-	if agentReport != nil {
-		onConflictSetStmts = append(
-			onConflictSetStmts, setColStatement("last_agent_report"),
-		)
-	}
-
-	if removedAt != nil {
-		onConflictSetStmts = append(
-			onConflictSetStmts, setColStatement("removed_at"),
-		)
-	}
-
-	// set updated_at to current timestamp if it's an upsert
-	onConflictSetStmts = append(
-		onConflictSetStmts, setColStatement("updated_at"),
-	)
-
-	onConflictClause := ""
-	if len(onConflictSetStmts) > 0 {
-		onConflictClause = fmt.Sprintf(
-			"conflict(id, provider, org_id) do update SET\n%s",
-			strings.Join(onConflictSetStmts, ",\n"),
-		)
-	}
-
-	integration := cloudintegrationtypes.CloudIntegration{
-		OrgID:        orgId,
-		Provider:     provider,
-		Identifiable: types.Identifiable{ID: valuer.MustNewUUID(*id)},
-		TimeAuditable: types.TimeAuditable{
-			CreatedAt: time.Now(),
-			UpdatedAt: time.Now(),
-		},
-		Config:          string(config),
-		AccountID:       accountId,
-		LastAgentReport: agentReport,
-		RemovedAt:       removedAt,
-	}
-
-	_, err := r.store.BunDB().NewInsert().
-		Model(&integration).
-		On(onConflictClause).
-		Exec(ctx)
-	if err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't upsert cloud integration account")
-	}
-
-	upsertedAccount, err := r.Get(ctx, orgId, provider, *id)
-	if err != nil {
-		slog.ErrorContext(ctx, "error upserting cloud integration account", "error", err)
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't get upserted cloud integration account")
-	}
-
-	return upsertedAccount, nil
-}

pkg/modules/cloudintegration/implsqlstore/serviceconfig.go

@@ -1,133 +0,0 @@
-package implcloudintegration
-
-import (
-	"context"
-	"database/sql"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/sqlstore"
-	"github.com/SigNoz/signoz/pkg/types"
-	cloudintegrationtypes "github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-var ErrCodeServiceConfigNotFound = errors.MustNewCode("service_config_not_found")
-
-// serviceConfigSQLRepository is a SQL-backed implementation of CloudIntegrationServiceStore.
-type serviceConfigSQLRepository struct {
-	store sqlstore.SQLStore
-}
-
-// NewSQLCloudIntegrationServiceStore constructs a SQL-backed CloudIntegrationServiceStore.
-func NewSQLCloudIntegrationServiceStore(store sqlstore.SQLStore) cloudintegrationtypes.CloudIntegrationServiceStore {
-	return &serviceConfigSQLRepository{store: store}
-}
-
-// -----------------------------
-// Service config store implementation
-// -----------------------------
-
-func (r *serviceConfigSQLRepository) Get(
-	ctx context.Context,
-	orgID string,
-	cloudAccountId string,
-	serviceType string,
-) ([]byte, error) {
-	var result cloudintegrationtypes.CloudIntegrationService
-
-	err := r.store.BunDB().NewSelect().
-		Model(&result).
-		Join("JOIN cloud_integration ci ON ci.id = cis.cloud_integration_id").
-		Where("ci.org_id = ?", orgID).
-		Where("ci.id = ?", cloudAccountId).
-		Where("cis.type = ?", serviceType).
-		Scan(ctx)
-	if err != nil {
-		if errors.Is(err, sql.ErrNoRows) {
-			return nil, errors.WrapNotFoundf(err, ErrCodeServiceConfigNotFound, "couldn't find config for cloud account %s", cloudAccountId)
-		}
-
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't query cloud service config")
-	}
-
-	return []byte(result.Config), nil
-}
-
-func (r *serviceConfigSQLRepository) Upsert(
-	ctx context.Context,
-	orgID string,
-	cloudProvider string,
-	cloudAccountId string,
-	serviceId string,
-	config []byte,
-) ([]byte, error) {
-	// get cloud integration id from account id
-	// if the account is not connected, we don't need to upsert the config
-	var cloudIntegrationId string
-	err := r.store.BunDB().NewSelect().
-		Model((*cloudintegrationtypes.CloudIntegration)(nil)).
-		Column("id").
-		Where("provider = ?", cloudProvider).
-		Where("account_id = ?", cloudAccountId).
-		Where("org_id = ?", orgID).
-		Where("removed_at is NULL").
-		Where("last_agent_report is not NULL").
-		Scan(ctx, &cloudIntegrationId)
-	if err != nil {
-		if errors.Is(err, sql.ErrNoRows) {
-			return nil, errors.WrapNotFoundf(
-				err,
-				ErrCodeCloudIntegrationAccountNotFound,
-				"couldn't find active cloud integration account",
-			)
-		}
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't query cloud integration id")
-	}
-
-	serviceConfig := cloudintegrationtypes.CloudIntegrationService{
-		Identifiable: types.Identifiable{ID: valuer.GenerateUUID()},
-		TimeAuditable: types.TimeAuditable{
-			CreatedAt: time.Now(),
-			UpdatedAt: time.Now(),
-		},
-		Config:             string(config),
-		Type:               serviceId,
-		CloudIntegrationID: cloudIntegrationId,
-	}
-	_, err = r.store.BunDB().NewInsert().
-		Model(&serviceConfig).
-		On("conflict(cloud_integration_id, type) do update set config=excluded.config, updated_at=excluded.updated_at").
-		Exec(ctx)
-	if err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't upsert cloud service config")
-	}
-
-	return config, nil
-}
-
-func (r *serviceConfigSQLRepository) GetAllForAccount(
-	ctx context.Context,
-	orgID string,
-	cloudAccountId string,
-) (map[string][]byte, error) {
-	var serviceConfigs []cloudintegrationtypes.CloudIntegrationService
-
-	err := r.store.BunDB().NewSelect().
-		Model(&serviceConfigs).
-		Join("JOIN cloud_integration ci ON ci.id = cis.cloud_integration_id").
-		Where("ci.id = ?", cloudAccountId).
-		Where("ci.org_id = ?", orgID).
-		Scan(ctx)
-	if err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't query service configs from db")
-	}
-
-	result := make(map[string][]byte)
-
-	for _, r := range serviceConfigs {
-		result[r.Type] = []byte(r.Config)
-	}
-
-	return result, nil
-}

pkg/types/cloudintegrationtypes/cloudintegration.go

@@ -1,578 +0,0 @@
-// NOTE:
-//   - When Account keyword is used in struct names, it refers cloud integration account. CloudIntegration refers to DB schema.
-//   - When Account Config keyword is used in struct names, it refers to configuration for cloud integration accounts
-//   - When Service keyword is used in struct names, it refers to cloud integration service. CloudIntegrationService refers to DB schema.
-//     where `service` is services provided by each cloud provider like AWS S3, Azure BlobStorage etc.
-//   - When Service Config keyword is used in struct names, it refers to configuration for cloud integration services
-package cloudintegrationtypes
-
-import (
-	"database/sql/driver"
-	"encoding/json"
-	"strings"
-	"time"
-
-	"github.com/uptrace/bun"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-// CloudProviderType type alias
-type CloudProviderType struct{ valuer.String }
-
-var (
-	CloudProviderTypeAWS   = CloudProviderType{valuer.NewString("aws")}
-	CloudProviderTypeAzure = CloudProviderType{valuer.NewString("azure")}
-)
-
-var ErrCodeCloudProviderInvalidInput = errors.MustNewCode("invalid_cloud_provider")
-
-// NewCloudProvider returns a new CloudProviderType from a string. It validates the input and returns an error if the input is not valid.
-func NewCloudProvider(provider string) (CloudProviderType, error) {
-	switch provider {
-	case CloudProviderTypeAWS.StringValue():
-		return CloudProviderTypeAWS, nil
-	case CloudProviderTypeAzure.StringValue():
-		return CloudProviderTypeAzure, nil
-	default:
-		return CloudProviderType{}, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider)
-	}
-}
-
-var (
-	AWSIntegrationUserEmail   = valuer.MustNewEmail("aws-integration@signoz.io")
-	AzureIntegrationUserEmail = valuer.MustNewEmail("azure-integration@signoz.io")
-)
-
-// CloudIntegrationUserEmails is the list of valid emails for Cloud One Click integrations.
-// This is used for validation and restrictions in different contexts, across codebase.
-var CloudIntegrationUserEmails = []valuer.Email{
-	AWSIntegrationUserEmail,
-	AzureIntegrationUserEmail,
-}
-
-func IsCloudIntegrationDashboardUuid(dashboardUuid string) bool {
-	parts := strings.SplitN(dashboardUuid, "--", 4)
-	if len(parts) != 4 {
-		return false
-	}
-
-	return parts[0] == "cloud-integration"
-}
-
-// GetCloudIntegrationDashboardID returns the cloud provider from dashboard id, if it's a cloud integration dashboard id.
-// throws an error if invalid format or invalid cloud provider is provided in the dashboard id.
-func GetCloudProviderFromDashboardID(dashboardUuid string) (CloudProviderType, error) {
-	parts := strings.SplitN(dashboardUuid, "--", 4)
-	if len(parts) != 4 {
-		return CloudProviderType{}, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid dashboard uuid: %s", dashboardUuid)
-	}
-
-	providerStr := parts[1]
-
-	cloudProvider, err := NewCloudProvider(providerStr)
-	if err != nil {
-		return CloudProviderType{}, err
-	}
-
-	return cloudProvider, nil
-}
-
-// Generic utility functions for JSON serialization/deserialization
-// this is helpful to return right errors from a common place and avoid repeating the same code in multiple places.
-// UnmarshalJSON is a generic function to unmarshal JSON data into any type
-func UnmarshalJSON[T any](src []byte, target *T) error {
-	err := json.Unmarshal(src, target)
-	if err != nil {
-		return errors.WrapInternalf(
-			err, errors.CodeInternal, "couldn't deserialize JSON",
-		)
-	}
-	return nil
-}
-
-// MarshalJSON is a generic function to marshal any type to JSON
-func MarshalJSON[T any](source *T) ([]byte, error) {
-	if source == nil {
-		return nil, errors.NewInternalf(errors.CodeInternal, "source is nil")
-	}
-
-	serialized, err := json.Marshal(source)
-	if err != nil {
-		return nil, errors.WrapInternalf(
-			err, errors.CodeInternal, "couldn't serialize to JSON",
-		)
-	}
-	return serialized, nil
-}
-
-// GettableConnectedAccountsList is the response for listing connected accounts for a cloud provider.
-type GettableConnectedAccountsList struct {
-	Accounts []*Account `json:"accounts"`
-}
-
-// SigNozAgentConfig represents parameters required for agent deployment in cloud provider accounts
-// these represent parameters passed during agent deployment, how they are passed might change for each cloud provider but the purpose is same.
-type SigNozAgentConfig struct {
-	Region string `json:"region,omitempty"` // AWS-specific: The region in which SigNoz agent should be installed
-
-	IngestionUrl string `json:"ingestion_url"`
-	IngestionKey string `json:"ingestion_key"`
-	SigNozAPIUrl string `json:"signoz_api_url"`
-	SigNozAPIKey string `json:"signoz_api_key"`
-
-	Version string `json:"version,omitempty"`
-}
-
-// PostableConnectionArtifact represent request body for generating connection artifact API.
-// Data is request body raw bytes since each cloud provider will have have different request body structure and generics hardly help in such cases.
-// Artifact is a generic name for different types of connection methods like connection URL for AWS, connection command for Azure etc.
-type PostableConnectionArtifact struct {
-	OrgID string
-	Data  []byte // either PostableAWSConnectionUrl or PostableAzureConnectionCommand
-}
-
-// PostableAWSConnectionUrl is request body for AWS connection artifact API
-type PostableAWSConnectionUrl struct {
-	AgentConfig   *SigNozAgentConfig `json:"agent_config"`
-	AccountConfig *AWSAccountConfig  `json:"account_config"`
-}
-
-// PostableAzureConnectionCommand is request body for Azure connection artifact API
-type PostableAzureConnectionCommand struct {
-	AgentConfig   *SigNozAgentConfig  `json:"agent_config"`
-	AccountConfig *AzureAccountConfig `json:"account_config"`
-}
-
-// GettableAzureConnectionArtifact is Azure specific connection artifact which contains connection commands for agent deployment
-type GettableAzureConnectionArtifact struct {
-	AzureShellConnectionCommand string `json:"az_shell_connection_command"`
-	AzureCliConnectionCommand   string `json:"az_cli_connection_command"`
-}
-
-// GettableAWSConnectionUrl is AWS specific connection artifact which contains connection url for agent deployment
-type GettableAWSConnectionUrl struct {
-	AccountId     string `json:"account_id"`
-	ConnectionUrl string `json:"connection_url"`
-}
-
-// GettableAzureConnectionCommand is Azure specific connection artifact which contains connection commands for agent deployment
-type GettableAzureConnectionCommand struct {
-	AccountId                   string `json:"account_id"`
-	AzureShellConnectionCommand string `json:"az_shell_connection_command"`
-	AzureCliConnectionCommand   string `json:"az_cli_connection_command"`
-}
-
-// GettableAccountStatus is cloud integration account status response
-type GettableAccountStatus struct {
-	Id             string        `json:"id"`
-	CloudAccountId *string       `json:"cloud_account_id,omitempty"`
-	Status         AccountStatus `json:"status"`
-}
-
-// PostableAgentCheckInPayload is request body for agent check-in API.
-// This is used by agent to send heartbeat.
-type PostableAgentCheckInPayload struct {
-	ID        string `json:"account_id"`
-	AccountID string `json:"cloud_account_id"`
-	// Arbitrary cloud specific Agent data
-	Data  map[string]any `json:"data,omitempty"`
-	OrgID string         `json:"-"`
-}
-
-// AWSAgentIntegrationConfig is used by agent for deploying infra to send telemetry to SigNoz
-type AWSAgentIntegrationConfig struct {
-	EnabledRegions              []string               `json:"enabled_regions"`
-	TelemetryCollectionStrategy *AWSCollectionStrategy `json:"telemetry,omitempty"`
-}
-
-// AzureAgentIntegrationConfig is used by agent for deploying infra to send telemetry to SigNoz
-type AzureAgentIntegrationConfig struct {
-	DeploymentRegion      string   `json:"deployment_region"` // will not be changed once set
-	EnabledResourceGroups []string `json:"resource_groups"`
-	// TelemetryCollectionStrategy is map of service to telemetry config
-	TelemetryCollectionStrategy map[string]*AzureCollectionStrategy `json:"telemetry,omitempty"`
-}
-
-// GettableAgentCheckInRes is generic response from agent check-in API.
-// AWSAgentIntegrationConfig and AzureAgentIntegrationConfig these configs are used by agent to deploy the infra and send telemetry to SigNoz
-type GettableAgentCheckInRes[AgentConfigT any] struct {
-	AccountId         string       `json:"account_id"`
-	CloudAccountId    string       `json:"cloud_account_id"`
-	RemovedAt         *time.Time   `json:"removed_at"`
-	IntegrationConfig AgentConfigT `json:"integration_config"`
-}
-
-// UpdatableServiceConfig is generic
-type UpdatableServiceConfig[ServiceConfigT any] struct {
-	CloudAccountId string         `json:"cloud_account_id"`
-	Config         ServiceConfigT `json:"config"`
-}
-
-// ServiceConfigTyped is a generic interface for cloud integration service's configuration
-// this is generic interface to define helper functions for CloudIntegrationService.Config field.
-type ServiceConfigTyped[definition Definition] interface {
-	Validate(def definition) error
-	IsMetricsEnabled() bool
-	IsLogsEnabled() bool
-}
-
-type AWSServiceConfig struct {
-	Logs    *AWSServiceLogsConfig    `json:"logs,omitempty"`
-	Metrics *AWSServiceMetricsConfig `json:"metrics,omitempty"`
-}
-
-type AWSServiceLogsConfig struct {
-	Enabled   bool                `json:"enabled"`
-	S3Buckets map[string][]string `json:"s3_buckets,omitempty"`
-}
-
-type AWSServiceMetricsConfig struct {
-	Enabled bool `json:"enabled"`
-}
-
-// IsMetricsEnabled returns true if metrics collection is configured and enabled
-func (a *AWSServiceConfig) IsMetricsEnabled() bool {
-	return a.Metrics != nil && a.Metrics.Enabled
-}
-
-// IsLogsEnabled returns true if logs collection is configured and enabled
-func (a *AWSServiceConfig) IsLogsEnabled() bool {
-	return a.Logs != nil && a.Logs.Enabled
-}
-
-type AzureServiceConfig struct {
-	Logs    []*AzureServiceLogsConfig    `json:"logs,omitempty"`
-	Metrics []*AzureServiceMetricsConfig `json:"metrics,omitempty"`
-}
-
-// AzureServiceLogsConfig is Azure specific service config for logs
-type AzureServiceLogsConfig struct {
-	Enabled bool   `json:"enabled"`
-	Name    string `json:"name"`
-}
-
-// AzureServiceMetricsConfig is Azure specific service config for metrics
-type AzureServiceMetricsConfig struct {
-	Enabled bool   `json:"enabled"`
-	Name    string `json:"name"`
-}
-
-// IsMetricsEnabled returns true if any metric is configured and enabled
-func (a *AzureServiceConfig) IsMetricsEnabled() bool {
-	if a.Metrics == nil {
-		return false
-	}
-	for _, m := range a.Metrics {
-		if m.Enabled {
-			return true
-		}
-	}
-	return false
-}
-
-// IsLogsEnabled returns true if any log is configured and enabled
-func (a *AzureServiceConfig) IsLogsEnabled() bool {
-	if a.Logs == nil {
-		return false
-	}
-	for _, l := range a.Logs {
-		if l.Enabled {
-			return true
-		}
-	}
-	return false
-}
-
-func (a *AWSServiceConfig) Validate(def *AWSDefinition) error {
-	if def.Id != S3Sync.String() && a.Logs != nil && a.Logs.S3Buckets != nil {
-		return errors.NewInvalidInputf(errors.CodeInvalidInput, "s3 buckets can only be added to service-type[%s]", S3Sync)
-	} else if def.Id == S3Sync.String() && a.Logs != nil && a.Logs.S3Buckets != nil {
-		for region := range a.Logs.S3Buckets {
-			if _, found := ValidAWSRegions[region]; !found {
-				return errors.NewInvalidInputf(CodeInvalidCloudRegion, "invalid cloud region: %s", region)
-			}
-		}
-	}
-
-	return nil
-}
-
-func (a *AzureServiceConfig) Validate(def *AzureDefinition) error {
-	logsMap := make(map[string]bool)
-	metricsMap := make(map[string]bool)
-
-	if def.Strategy != nil && def.Strategy.Logs != nil {
-		for _, log := range def.Strategy.Logs {
-			logsMap[log.Name] = true
-		}
-	}
-
-	if def.Strategy != nil && def.Strategy.Metrics != nil {
-		for _, metric := range def.Strategy.Metrics {
-			metricsMap[metric.Name] = true
-		}
-	}
-
-	for _, log := range a.Logs {
-		if _, found := logsMap[log.Name]; !found {
-			return errors.NewInvalidInputf(errors.CodeInvalidInput, "invalid log name: %s", log.Name)
-		}
-	}
-
-	for _, metric := range a.Metrics {
-		if _, found := metricsMap[metric.Name]; !found {
-			return errors.NewInvalidInputf(errors.CodeInvalidInput, "invalid metric name: %s", metric.Name)
-		}
-	}
-
-	return nil
-}
-
-// UpdatableServiceConfigRes is response for UpdateServiceConfig API
-// TODO: find a better way to name this
-type UpdatableServiceConfigRes struct {
-	ServiceId string `json:"id"`
-	Config    any    `json:"config"`
-}
-
-// UpdatableAccountConfigTyped is a generic struct for updating cloud integration account config used in UpdateAccountConfig API
-type UpdatableAccountConfigTyped[AccountConfigT any] struct {
-	Config *AccountConfigT `json:"config"`
-}
-
-type (
-	UpdatableAWSAccountConfig   = UpdatableAccountConfigTyped[AWSAccountConfig]
-	UpdatableAzureAccountConfig = UpdatableAccountConfigTyped[AzureAccountConfig]
-)
-
-// AWSAccountConfig is the configuration for AWS cloud integration account
-type AWSAccountConfig struct {
-	EnabledRegions []string `json:"regions"`
-}
-
-// AzureAccountConfig is the configuration for Azure cloud integration account
-type AzureAccountConfig struct {
-	DeploymentRegion      string   `json:"deployment_region,omitempty"`
-	EnabledResourceGroups []string `json:"resource_groups,omitempty"`
-}
-
-// GettableServices is a generic struct for listing services of a cloud integration account used in ListServices API
-type GettableServices[ServiceSummaryT any] struct {
-	Services []ServiceSummaryT `json:"services"`
-}
-
-type (
-	GettableAWSServices   = GettableServices[AWSServiceSummary]
-	GettableAzureServices = GettableServices[AzureServiceSummary]
-)
-
-// GetServiceDetailsReq is a req struct for getting service definition details
-type GetServiceDetailsReq struct {
-	OrgID          valuer.UUID
-	ServiceId      string
-	CloudAccountID *string
-}
-
-// ServiceSummary is a generic struct for service summary used in ListServices API
-type ServiceSummary[ServiceConfigT any] struct {
-	DefinitionMetadata
-	Config *ServiceConfigT `json:"config"`
-}
-
-type (
-	AWSServiceSummary   = ServiceSummary[AWSServiceConfig]
-	AzureServiceSummary = ServiceSummary[AzureServiceConfig]
-)
-
-// GettableServiceDetails is a generic struct for service details used in GetServiceDetails API
-type GettableServiceDetails[DefinitionT any, ServiceConfigT any] struct {
-	Definition       DefinitionT              `json:",inline"`
-	Config           ServiceConfigT           `json:"config"`
-	ConnectionStatus *ServiceConnectionStatus `json:"status,omitempty"`
-}
-
-type (
-	GettableAWSServiceDetails   = GettableServiceDetails[AWSDefinition, *AWSServiceConfig]
-	GettableAzureServiceDetails = GettableServiceDetails[AzureDefinition, *AzureServiceConfig]
-)
-
-// ServiceConnectionStatus represents integration connection status for a particular service
-// this struct helps to check ingested data and determines connection status by whether data was ingested or not.
-// this is composite struct for both metrics and logs
-type ServiceConnectionStatus struct {
-	Logs    []*SignalConnectionStatus `json:"logs"`
-	Metrics []*SignalConnectionStatus `json:"metrics"`
-}
-
-// SignalConnectionStatus represents connection status for a particular signal type (logs or metrics) for a service
-// this struct is used in API responses for clients to show relevant information about the connection status.
-type SignalConnectionStatus struct {
-	CategoryID           string `json:"category"`
-	CategoryDisplayName  string `json:"category_display_name"`
-	LastReceivedTsMillis int64  `json:"last_received_ts_ms"` // epoch milliseconds
-	LastReceivedFrom     string `json:"last_received_from"`  // resource identifier
-}
-
-// GettableCloudIntegrationConnectionParams is response for connection params API
-type GettableCloudIntegrationConnectionParams struct {
-	IngestionUrl string `json:"ingestion_url,omitempty"`
-	IngestionKey string `json:"ingestion_key,omitempty"`
-	SigNozAPIUrl string `json:"signoz_api_url,omitempty"`
-	SigNozAPIKey string `json:"signoz_api_key,omitempty"`
-}
-
-// GettableIngestionKey is a struct for ingestion key returned from gateway
-type GettableIngestionKey struct {
-	Name  string `json:"name"`
-	Value string `json:"value"`
-	// other attributes from gateway response not included here since they are not being used.
-}
-
-// GettableIngestionKeysSearch is a struct for response of ingestion keys search API on gateway
-type GettableIngestionKeysSearch struct {
-	Status string                 `json:"status"`
-	Data   []GettableIngestionKey `json:"data"`
-	Error  string                 `json:"error"`
-}
-
-// GettableCreateIngestionKey is a struct for response of create ingestion key API on gateway
-type GettableCreateIngestionKey struct {
-	Status string               `json:"status"`
-	Data   GettableIngestionKey `json:"data"`
-	Error  string               `json:"error"`
-}
-
-// GettableDeployment is response struct for deployment details fetched from Zeus
-type GettableDeployment struct {
-	Name        string `json:"name"`
-	ClusterInfo struct {
-		Region struct {
-			DNS string `json:"dns"`
-		} `json:"region"`
-	} `json:"cluster"`
-}
-
-// --------------------------------------------------------------------------
-// DATABASE TYPES
-// --------------------------------------------------------------------------
-
-// --------------------------------------------------------------------------
-// Cloud integration uses the cloud_integration table
-// and cloud_integrations_service table
-// --------------------------------------------------------------------------
-
-type CloudIntegration struct {
-	bun.BaseModel `bun:"table:cloud_integration"`
-
-	types.Identifiable
-	types.TimeAuditable
-	Provider        string       `json:"provider" bun:"provider,type:text,unique:provider_id"`
-	Config          string       `json:"config" bun:"config,type:text"` // json serialized config
-	AccountID       *string      `json:"account_id" bun:"account_id,type:text"`
-	LastAgentReport *AgentReport `json:"last_agent_report" bun:"last_agent_report,type:text"`
-	RemovedAt       *time.Time   `json:"removed_at" bun:"removed_at,type:timestamp,nullzero"`
-	OrgID           string       `bun:"org_id,type:text,unique:provider_id"`
-}
-
-// Account represents a cloud integration account, this is used for business logic and API responses.
-type Account struct {
-	Id             string        `json:"id"`
-	CloudAccountId string        `json:"cloud_account_id"`
-	Config         any           `json:"config"` // AWSAccountConfig or AzureAccountConfig
-	Status         AccountStatus `json:"status"`
-}
-
-// AccountStatus is generic struct for cloud integration account status
-type AccountStatus struct {
-	Integration AccountIntegrationStatus `json:"integration"`
-}
-
-// AccountIntegrationStatus stores heartbeat information from agent check in
-type AccountIntegrationStatus struct {
-	LastHeartbeatTsMillis *int64 `json:"last_heartbeat_ts_ms"`
-}
-
-func (a *CloudIntegration) Status() AccountStatus {
-	status := AccountStatus{}
-	if a.LastAgentReport != nil {
-		lastHeartbeat := a.LastAgentReport.TimestampMillis
-		status.Integration.LastHeartbeatTsMillis = &lastHeartbeat
-	}
-	return status
-}
-
-func (a *CloudIntegration) Account(cloudProvider CloudProviderType) *Account {
-	ca := &Account{Id: a.ID.StringValue(), Status: a.Status()}
-
-	if a.AccountID != nil {
-		ca.CloudAccountId = *a.AccountID
-	}
-
-	ca.Config = map[string]interface{}{}
-
-	if len(a.Config) < 1 {
-		return ca
-	}
-
-	switch cloudProvider {
-	case CloudProviderTypeAWS:
-		config := new(AWSAccountConfig)
-		_ = UnmarshalJSON([]byte(a.Config), config)
-		ca.Config = config
-	case CloudProviderTypeAzure:
-		config := new(AzureAccountConfig)
-		_ = UnmarshalJSON([]byte(a.Config), config)
-		ca.Config = config
-	default:
-	}
-
-	return ca
-}
-
-type AgentReport struct {
-	TimestampMillis int64          `json:"timestamp_millis"`
-	Data            map[string]any `json:"data"`
-}
-
-// Scan scans data from db
-func (r *AgentReport) Scan(src any) error {
-	var data []byte
-	switch v := src.(type) {
-	case []byte:
-		data = v
-	case string:
-		data = []byte(v)
-	default:
-		return errors.NewInternalf(errors.CodeInternal, "tried to scan from %T instead of string or bytes", src)
-	}
-
-	return json.Unmarshal(data, r)
-}
-
-// Value serializes data to bytes for db insertion
-func (r *AgentReport) Value() (driver.Value, error) {
-	if r == nil {
-		return nil, errors.NewInternalf(errors.CodeInternal, "agent report is nil")
-	}
-
-	serialized, err := json.Marshal(r)
-	if err != nil {
-		return nil, errors.WrapInternalf(
-			err, errors.CodeInternal, "couldn't serialize agent report to JSON",
-		)
-	}
-	return serialized, nil
-}
-
-type CloudIntegrationService struct {
-	bun.BaseModel `bun:"table:cloud_integration_service,alias:cis"`
-
-	types.Identifiable
-	types.TimeAuditable
-	Type               string `bun:"type,type:text,notnull,unique:cloud_integration_id_type"`
-	Config             string `bun:"config,type:text"` // json serialized config
-	CloudIntegrationID string `bun:"cloud_integration_id,type:text,notnull,unique:cloud_integration_id_type,references:cloud_integrations(id),on_delete:cascade"`
-}

pkg/types/cloudintegrationtypes/regions.go

@@ -1,103 +0,0 @@
-package cloudintegrationtypes
-
-import (
-	"github.com/SigNoz/signoz/pkg/errors"
-)
-
-var (
-	CodeInvalidCloudRegion    = errors.MustNewCode("invalid_cloud_region")
-	CodeMismatchCloudProvider = errors.MustNewCode("cloud_provider_mismatch")
-)
-
-// List of all valid cloud regions on Amazon Web Services
-var ValidAWSRegions = map[string]bool{
-	"af-south-1":     true, // Africa (Cape Town).
-	"ap-east-1":      true, // Asia Pacific (Hong Kong).
-	"ap-northeast-1": true, // Asia Pacific (Tokyo).
-	"ap-northeast-2": true, // Asia Pacific (Seoul).
-	"ap-northeast-3": true, // Asia Pacific (Osaka).
-	"ap-south-1":     true, // Asia Pacific (Mumbai).
-	"ap-south-2":     true, // Asia Pacific (Hyderabad).
-	"ap-southeast-1": true, // Asia Pacific (Singapore).
-	"ap-southeast-2": true, // Asia Pacific (Sydney).
-	"ap-southeast-3": true, // Asia Pacific (Jakarta).
-	"ap-southeast-4": true, // Asia Pacific (Melbourne).
-	"ca-central-1":   true, // Canada (Central).
-	"ca-west-1":      true, // Canada West (Calgary).
-	"eu-central-1":   true, // Europe (Frankfurt).
-	"eu-central-2":   true, // Europe (Zurich).
-	"eu-north-1":     true, // Europe (Stockholm).
-	"eu-south-1":     true, // Europe (Milan).
-	"eu-south-2":     true, // Europe (Spain).
-	"eu-west-1":      true, // Europe (Ireland).
-	"eu-west-2":      true, // Europe (London).
-	"eu-west-3":      true, // Europe (Paris).
-	"il-central-1":   true, // Israel (Tel Aviv).
-	"me-central-1":   true, // Middle East (UAE).
-	"me-south-1":     true, // Middle East (Bahrain).
-	"sa-east-1":      true, // South America (Sao Paulo).
-	"us-east-1":      true, // US East (N. Virginia).
-	"us-east-2":      true, // US East (Ohio).
-	"us-west-1":      true, // US West (N. California).
-	"us-west-2":      true, // US West (Oregon).
-}
-
-// List of all valid cloud regions for Microsoft Azure
-var ValidAzureRegions = map[string]bool{
-	"australiacentral":   true, // Australia Central
-	"australiacentral2":  true, // Australia Central 2
-	"australiaeast":      true, // Australia East
-	"australiasoutheast": true, // Australia Southeast
-	"austriaeast":        true, // Austria East
-	"belgiumcentral":     true, // Belgium Central
-	"brazilsouth":        true, // Brazil South
-	"brazilsoutheast":    true, // Brazil Southeast
-	"canadacentral":      true, // Canada Central
-	"canadaeast":         true, // Canada East
-	"centralindia":       true, // Central India
-	"centralus":          true, // Central US
-	"chilecentral":       true, // Chile Central
-	"denmarkeast":        true, // Denmark East
-	"eastasia":           true, // East Asia
-	"eastus":             true, // East US
-	"eastus2":            true, // East US 2
-	"francecentral":      true, // France Central
-	"francesouth":        true, // France South
-	"germanynorth":       true, // Germany North
-	"germanywestcentral": true, // Germany West Central
-	"indonesiacentral":   true, // Indonesia Central
-	"israelcentral":      true, // Israel Central
-	"italynorth":         true, // Italy North
-	"japaneast":          true, // Japan East
-	"japanwest":          true, // Japan West
-	"koreacentral":       true, // Korea Central
-	"koreasouth":         true, // Korea South
-	"malaysiawest":       true, // Malaysia West
-	"mexicocentral":      true, // Mexico Central
-	"newzealandnorth":    true, // New Zealand North
-	"northcentralus":     true, // North Central US
-	"northeurope":        true, // North Europe
-	"norwayeast":         true, // Norway East
-	"norwaywest":         true, // Norway West
-	"polandcentral":      true, // Poland Central
-	"qatarcentral":       true, // Qatar Central
-	"southafricanorth":   true, // South Africa North
-	"southafricawest":    true, // South Africa West
-	"southcentralus":     true, // South Central US
-	"southindia":         true, // South India
-	"southeastasia":      true, // Southeast Asia
-	"spaincentral":       true, // Spain Central
-	"swedencentral":      true, // Sweden Central
-	"switzerlandnorth":   true, // Switzerland North
-	"switzerlandwest":    true, // Switzerland West
-	"uaecentral":         true, // UAE Central
-	"uaenorth":           true, // UAE North
-	"uksouth":            true, // UK South
-	"ukwest":             true, // UK West
-	"westcentralus":      true, // West Central US
-	"westeurope":         true, // West Europe
-	"westindia":          true, // West India
-	"westus":             true, // West US
-	"westus2":            true, // West US 2
-	"westus3":            true, // West US 3
-}

pkg/types/cloudintegrationtypes/servicedefinitions.go

@@ -1,263 +0,0 @@
-package cloudintegrationtypes
-
-import (
-	"fmt"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-var S3Sync = valuer.NewString("s3sync")
-
-// Generic interface for cloud service definition.
-// This is implemented by AWSDefinition and AzureDefinition, which represent service definitions for AWS and Azure respectively.
-// Generics work well so far because service definitions share a similar logic.
-// We dont want to over-do generics as well, if the service definitions functionally diverge in the future consider breaking generics.
-type Definition interface {
-	GetId() string
-	Validate() error
-	PopulateDashboardURLs(cloudProvider CloudProviderType, svcId string)
-	GetIngestionStatusCheck() *IngestionStatusCheck
-	GetAssets() Assets
-}
-
-// AWSDefinition represents AWS Service definition, which includes collection strategy, dashboards and meta info for integration
-type AWSDefinition = ServiceDefinition[AWSCollectionStrategy]
-
-// AzureDefinition represents Azure Service definition, which includes collection strategy, dashboards and meta info for integration
-type AzureDefinition = ServiceDefinition[AzureCollectionStrategy]
-
-// Making AWSDefinition and AzureDefinition satisfy Definition interface, so that they can be used in a generic way
-var (
-	_ Definition = &AWSDefinition{}
-	_ Definition = &AzureDefinition{}
-)
-
-// ServiceDefinition represents generic struct for cloud service, regardless of the cloud provider.
-// this struct must satify Definition interface.
-// StrategyT is of either AWSCollectionStrategy or AzureCollectionStrategy, depending on the cloud provider.
-type ServiceDefinition[StrategyT any] struct {
-	DefinitionMetadata
-	Overview             string                `json:"overview"` // markdown
-	Assets               Assets                `json:"assets"`
-	SupportedSignals     SupportedSignals      `json:"supported_signals"`
-	DataCollected        DataCollected         `json:"data_collected"`
-	IngestionStatusCheck *IngestionStatusCheck `json:"ingestion_status_check,omitempty"`
-	Strategy             *StrategyT            `json:"telemetry_collection_strategy"`
-}
-
-// Following methods are quite self explanatory, they are just to satisfy the Definition interface and provide some utility functions for service definitions.
-func (def *ServiceDefinition[StrategyT]) GetId() string {
-	return def.Id
-}
-
-func (def *ServiceDefinition[StrategyT]) Validate() error {
-	seenDashboardIds := map[string]interface{}{}
-
-	if def.Strategy == nil {
-		return errors.NewInternalf(errors.CodeInternal, "telemetry_collection_strategy is required")
-	}
-
-	for _, dd := range def.Assets.Dashboards {
-		if _, seen := seenDashboardIds[dd.Id]; seen {
-			return errors.NewInternalf(errors.CodeInternal, "multiple dashboards found with id %s", dd.Id)
-		}
-		seenDashboardIds[dd.Id] = nil
-	}
-
-	return nil
-}
-
-func (def *ServiceDefinition[StrategyT]) PopulateDashboardURLs(cloudProvider CloudProviderType, svcId string) {
-	for i := range def.Assets.Dashboards {
-		dashboardId := def.Assets.Dashboards[i].Id
-		url := "/dashboard/" + GetCloudIntegrationDashboardID(cloudProvider, svcId, dashboardId)
-		def.Assets.Dashboards[i].Url = url
-	}
-}
-
-func (def *ServiceDefinition[StrategyT]) GetIngestionStatusCheck() *IngestionStatusCheck {
-	return def.IngestionStatusCheck
-}
-
-func (def *ServiceDefinition[StrategyT]) GetAssets() Assets {
-	return def.Assets
-}
-
-// DefinitionMetadata represents service definition metadata. This is useful for showing service overview
-type DefinitionMetadata struct {
-	Id    string `json:"id"`
-	Title string `json:"title"`
-	Icon  string `json:"icon"`
-}
-
-// IngestionStatusCheckCategory represents a category of ingestion status check. Applies for both metrics and logs.
-// A category can be "Overview" of metrics or "Enhanced" Metrics for AWS, and "Transaction" or "Capacity" metrics for Azure.
-// Each category can have multiple checks (AND logic), if all checks pass,
-// then we can be sure that data is being ingested for that category of the signal
-type IngestionStatusCheckCategory struct {
-	Category    string                           `json:"category"`
-	DisplayName string                           `json:"display_name"`
-	Checks      []*IngestionStatusCheckAttribute `json:"checks"`
-}
-
-// IngestionStatusCheckAttribute represents a check or condition for ingestion status.
-// Key can be metric name or part of log message
-type IngestionStatusCheckAttribute struct {
-	Key        string                                 `json:"key"` // OPTIONAL search key (metric name or log message)
-	Attributes []*IngestionStatusCheckAttributeFilter `json:"attributes"`
-}
-
-// IngestionStatusCheck represents combined checks for metrics and logs for a service
-type IngestionStatusCheck struct {
-	Metrics []*IngestionStatusCheckCategory `json:"metrics"`
-	Logs    []*IngestionStatusCheckCategory `json:"logs"`
-}
-
-// IngestionStatusCheckAttributeFilter represents filter for a check, which can be used to filter specific log messages or metrics with specific attributes.
-// For example, we can use it to filter logs with specific log level or metrics with specific dimensions.
-type IngestionStatusCheckAttributeFilter struct {
-	Name     string `json:"name"`
-	Operator string `json:"operator"`
-	Value    string `json:"value"` // OPTIONAL
-}
-
-// Assets represents the collection of dashboards
-type Assets struct {
-	Dashboards []Dashboard `json:"dashboards"`
-}
-
-// SupportedSignals for cloud provider's service
-type SupportedSignals struct {
-	Logs    bool `json:"logs"`
-	Metrics bool `json:"metrics"`
-}
-
-// DataCollected is curated static list of metrics and logs, this is shown as part of service overview
-type DataCollected struct {
-	Logs    []CollectedLogAttribute `json:"logs"`
-	Metrics []CollectedMetric       `json:"metrics"`
-}
-
-// CollectedLogAttribute represents a log attribute that is present in all log entries for a service,
-// this is shown as part of service overview
-type CollectedLogAttribute struct {
-	Name string `json:"name"`
-	Path string `json:"path"`
-	Type string `json:"type"`
-}
-
-// CollectedMetric represents a metric that is collected for a service, this is shown as part of service overview
-type CollectedMetric struct {
-	Name        string `json:"name"`
-	Type        string `json:"type"`
-	Unit        string `json:"unit"`
-	Description string `json:"description"`
-}
-
-// AWSCollectionStrategy represents signal collection strategy for AWS services.
-// this is AWS specific.
-type AWSCollectionStrategy struct {
-	Metrics   *AWSMetricsStrategy `json:"aws_metrics,omitempty"`
-	Logs      *AWSLogsStrategy    `json:"aws_logs,omitempty"`
-	S3Buckets map[string][]string `json:"s3_buckets,omitempty"` // Only available in S3 Sync Service Type in AWS
-}
-
-// AzureCollectionStrategy represents signal collection strategy for Azure services.
-// this is Azure specific.
-type AzureCollectionStrategy struct {
-	Metrics []*AzureMetricsStrategy `json:"azure_metrics,omitempty"`
-	Logs    []*AzureLogsStrategy    `json:"azure_logs,omitempty"`
-}
-
-// AWSMetricsStrategy represents metrics collection strategy for AWS services.
-// this is AWS specific.
-type AWSMetricsStrategy struct {
-	// to be used as https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-metricstream.html#cfn-cloudwatch-metricstream-includefilters
-	StreamFilters []struct {
-		// json tags here are in the shape expected by AWS API as detailed at
-		// https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-metricstream-metricstreamfilter.html
-		Namespace   string   `json:"Namespace"`
-		MetricNames []string `json:"MetricNames,omitempty"`
-	} `json:"cloudwatch_metric_stream_filters"`
-}
-
-// AWSLogsStrategy represents logs collection strategy for AWS services.
-// this is AWS specific.
-type AWSLogsStrategy struct {
-	Subscriptions []struct {
-		// subscribe to all logs groups with specified prefix.
-		// eg: `/aws/rds/`
-		LogGroupNamePrefix string `json:"log_group_name_prefix"`
-
-		// https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html
-		// "" implies no filtering is required.
-		FilterPattern string `json:"filter_pattern"`
-	} `json:"cloudwatch_logs_subscriptions"`
-}
-
-// AzureMetricsStrategy represents metrics collection strategy for Azure services.
-// this is Azure specific.
-type AzureMetricsStrategy struct {
-	CategoryType string `json:"category_type"`
-	Name         string `json:"name"`
-}
-
-// AzureLogsStrategy represents logs collection strategy for Azure services.
-// this is Azure specific. Even though this is similar to AzureMetricsStrategy, keeping it separate for future flexibility and clarity.
-type AzureLogsStrategy struct {
-	CategoryType string `json:"category_type"`
-	Name         string `json:"name"`
-}
-
-// Dashboard represents a dashboard definition for cloud integration.
-type Dashboard struct {
-	Id          string                                `json:"id"`
-	Url         string                                `json:"url"`
-	Title       string                                `json:"title"`
-	Description string                                `json:"description"`
-	Image       string                                `json:"image"`
-	Definition  *dashboardtypes.StorableDashboardData `json:"definition,omitempty"`
-}
-
-// UTILS
-
-// GetCloudIntegrationDashboardID returns the dashboard id for a cloud integration, given the cloud provider, service id, and dashboard id.
-// This is used to generate unique dashboard ids for cloud integration, and also to parse the dashboard id to get the cloud provider and service id when needed.
-func GetCloudIntegrationDashboardID(cloudProvider CloudProviderType, svcId, dashboardId string) string {
-	return fmt.Sprintf("cloud-integration--%s--%s--%s", cloudProvider, svcId, dashboardId)
-}
-
-// GetDashboardsFromAssets returns the list of dashboards for the cloud provider service from definition
-func GetDashboardsFromAssets(
-	svcId string,
-	orgID valuer.UUID,
-	cloudProvider CloudProviderType,
-	createdAt *time.Time,
-	assets Assets,
-) []*dashboardtypes.Dashboard {
-	dashboards := make([]*dashboardtypes.Dashboard, 0)
-
-	for _, d := range assets.Dashboards {
-		author := fmt.Sprintf("%s-integration", cloudProvider)
-		dashboards = append(dashboards, &dashboardtypes.Dashboard{
-			ID:     GetCloudIntegrationDashboardID(cloudProvider, svcId, d.Id),
-			Locked: true,
-			OrgID:  orgID,
-			Data:   *d.Definition,
-			TimeAuditable: types.TimeAuditable{
-				CreatedAt: *createdAt,
-				UpdatedAt: *createdAt,
-			},
-			UserAuditable: types.UserAuditable{
-				CreatedBy: author,
-				UpdatedBy: author,
-			},
-		})
-	}
-
-	return dashboards
-}

pkg/types/cloudintegrationtypes/store.go

@@ -1,42 +0,0 @@
-package cloudintegrationtypes
-
-import (
-	"context"
-	"time"
-)
-
-type CloudIntegrationAccountStore interface {
-	ListConnected(ctx context.Context, orgId string, provider string) ([]CloudIntegration, error)
-
-	Get(ctx context.Context, orgId string, provider string, id string) (*CloudIntegration, error)
-
-	GetConnectedCloudAccount(ctx context.Context, orgId, provider string, accountID string) (*CloudIntegration, error)
-
-	// Insert an account or update it by (cloudProvider, id)
-	// for specified non-empty fields
-	Upsert(
-		ctx context.Context,
-		orgId string,
-		provider string,
-		id *string,
-		config []byte,
-		accountId *string,
-		agentReport *AgentReport,
-		removedAt *time.Time,
-	) (*CloudIntegration, error)
-}
-
-type CloudIntegrationServiceStore interface {
-	Get(ctx context.Context, orgID, cloudAccountId, serviceType string) ([]byte, error)
-
-	Upsert(
-		ctx context.Context,
-		orgID,
-		cloudProvider,
-		cloudAccountId,
-		serviceId string,
-		config []byte,
-	) ([]byte, error)
-
-	GetAllForAccount(ctx context.Context, orgID, cloudAccountId string) (map[string][]byte, error)
-}