feat: adding cloud integration type for refactor

docs/contributing/go/packages.md

@@ -0,0 +1,126 @@
+# Packages
+
+All shared Go code in SigNoz lives under `pkg/`. Each package represents a distinct domain concept and exposes a clear public interface. This guide covers the conventions for creating, naming, and organising packages so the codebase stays consistent as it grows.
+
+## How should I name a package?
+
+Use short, lowercase, single-word names. No underscores or camelCase (`querier`, `cache`, `authz`, not `query_builder` or `dataStore`).
+
+Names must be **domain-specific**. A package name should tell you what problem domain it deals with, not what data structure it wraps. Prefer `alertmanager` over `manager`, `licensing` over `checker`.
+
+Avoid generic names like `util`, `helpers`, `common`, `misc`, or `base`. If you can't name it, the code probably belongs in an existing package.
+
+## When should I create a new package?
+
+Create a new package when:
+
+- The functionality represents a **distinct domain concept** (e.g., `authz`, `licensing`, `cache`).
+- Two or more other packages would import it; it serves as shared infrastructure.
+- The code has a clear public interface that can stand on its own.
+
+Do **not** create a new package when:
+
+- There is already a package that covers the same domain. Extend the existing package instead.
+- The code is only used in one place. Keep it local to the caller.
+- You are splitting purely for file size. Use multiple files within the same package instead.
+
+## How should I lay out a package?
+
+A typical package looks like:
+
+```
+pkg/cache/
+├── cache.go            # Public interface + exported types
+├── config.go           # Configuration types if needed
+├── memorycache/        # Implementation sub-package
+├── rediscache/         # Another implementation
+└── cachetest/          # Test helpers for consumers
+```
+
+Follow these rules:
+
+1. **Interface-first file**: The file matching the package name (e.g., `cache.go` in `pkg/cache/`) should define the public interface and core exported types. Keep implementation details out of this file.
+
+2. **One responsibility per file**: Name files after what they contain (`config.go`, `handler.go`, `service.go`), not after the package name. If a package merges two concerns, prefix files to group them (e.g., `memory_store.go`, `redis_store.go` in a storage package).
+
+3. **Sub-packages for implementations**: When a package defines an interface with multiple implementations, put each implementation in its own sub-package (`memorycache/`, `rediscache/`). This keeps the parent package import-free of implementation dependencies.
+
+4. **Test helpers in `{pkg}test/`**: If consumers need test mocks or builders, put them in a `{pkg}test/` sub-package (e.g., `cachetest/`, `sqlstoretest/`). This avoids polluting the main package with test-only code.
+
+5. **Test files stay alongside source**: Unit tests go in `_test.go` files next to the code they test, in the same package.
+
+## How should I name symbols?
+
+### Exported symbols
+
+- **Interfaces**: For single-method interfaces, follow the standard `-er` suffix convention (`Reader`, `Writer`, `Closer`). For multi-method interfaces, use clear nouns (`Cache`, `Store`, `Provider`).
+- **Constructors**: `New<Type>(...)` (e.g., `NewMemoryCache()`).
+- **Avoid stutter**: Since callers qualify with the package name, don't repeat it. Write `cache.Cache`, not `cache.CacheInterface`. Write `authz.FromRole`, not `authz.AuthzFromRole`.
+
+### Unexported symbols
+
+- Struct receivers: one or two characters (`c`, `f`, `br`).
+- Helper functions: descriptive lowercase names (`parseToken`, `buildQuery`).
+
+### Constants
+
+- Use `PascalCase` for exported constants.
+- When merging files from different origins into one package, watch out for **name collisions** across files. Prefix to disambiguate when two types share a natural name.
+
+## How should I organise imports?
+
+Group imports in three blocks separated by blank lines:
+
+```go
+import (
+    // 1. Standard library
+    "fmt"
+    "net/http"
+
+    // 2. External dependencies
+    "github.com/gorilla/mux"
+
+    // 3. Internal
+    "github.com/SigNoz/signoz/pkg/errors"
+    "github.com/SigNoz/signoz/pkg/types"
+)
+```
+
+Never introduce circular imports. If package A needs package B and B needs A, extract the shared types into a third package (often under `pkg/types/`).
+
+## Where do shared types go?
+
+Most types belong in `pkg/types/` under a domain-specific sub-package (e.g., `pkg/types/ruletypes`, `pkg/types/authtypes`).
+
+Do not put domain logic in `pkg/types/`. Only data structures, constants, and simple methods.
+
+## How do I merge or move packages?
+
+When two packages are tightly coupled (one imports the other's constants, they cover the same domain), merge them:
+
+1. Pick a domain-specific name for the combined package.
+2. Prefix files to preserve origin (e.g., `memory_store.go`, `redis_store.go`).
+3. Resolve symbol conflicts explicitly; rename with a prefix rather than silently shadowing.
+4. Update all consumers in a single change.
+5. Delete the old packages. Do not leave behind re-export shims.
+6. Verify with `go build ./...`, `go test ./<new-pkg>/...`, and `go vet ./...`.
+
+## When should I add documentation?
+
+Add a `doc.go` with a package-level comment for any package that is non-trivial or has multiple consumers. Keep it to 1–3 sentences:
+
+```go
+// Package cache provides a caching interface with pluggable backends
+// for in-memory and Redis-based storage.
+package cache
+```
+
+## What should I remember?
+
+- Package names are domain-specific and lowercase. Never generic names like `util` or `common`.
+- The file matching the package name (e.g., `cache.go`) defines the public interface. Implementation details go elsewhere.
+- Never introduce circular imports. Extract shared types into `pkg/types/` when needed.
+- Watch for symbol name collisions when merging packages, prefix to disambiguate.
+- Put test helpers in a `{pkg}test/` sub-package, not in the main package.
+- Before submitting, verify with `go build ./...`, `go test ./<your-pkg>/...`, and `go vet ./...`.
+- Update all consumers when you rename or move symbols.

docs/contributing/go/readme.md

@@ -8,4 +8,13 @@ We adhere to three primary style guides as our foundation:
 - [Code Review Comments](https://go.dev/wiki/CodeReviewComments) - For understanding common comments in code reviews
 - [Google Style Guide](https://google.github.io/styleguide/go/) - Additional practices from Google
 
-We **recommend** (almost enforce) reviewing these guides before contributing to the codebase. They provide valuable insights into writing idiomatic Go code and will help you understand our approach to backend development. In addition, we have a few additional rules that make certain areas stricter than the above which can be found in area-specific files in this package.
+We **recommend** (almost enforce) reviewing these guides before contributing to the codebase. They provide valuable insights into writing idiomatic Go code and will help you understand our approach to backend development. In addition, we have a few additional rules that make certain areas stricter than the above which can be found in area-specific files in this package:
+
+- [Packages](packages.md) — Naming, layout, and conventions for `pkg/` packages
+- [Errors](errors.md) — Structured error handling
+- [Handler](handler.md) — Writing HTTP handlers and OpenAPI integration
+- [Endpoint](endpoint.md) — Endpoint conventions
+- [SQL](sql.md) — Database query patterns
+- [Provider](provider.md) — Provider pattern
+- [Integration](integration.md) — Integration conventions
+- [Flagger](flagger.md) — Feature flag conventions

frontend/package.json

@@ -60,7 +60,6 @@
 		"@signozhq/sonner": "0.1.0",
 		"@signozhq/switch": "0.0.2",
 		"@signozhq/table": "0.3.7",
-		"@signozhq/toggle-group": "^0.0.1",
 		"@signozhq/tooltip": "0.0.2",
 		"@tanstack/react-table": "8.20.6",
 		"@tanstack/react-virtual": "3.11.2",

frontend/public/locales/en-GB/routes.json

@@ -13,6 +13,5 @@
 	"pipelines": "Pipelines",
 	"archives": "Archives",
 	"logs_to_metrics": "Logs To Metrics",
-	"roles": "Roles",
-	"role_details": "Role Details"
+	"roles": "Roles"
 }

frontend/public/locales/en/routes.json

@@ -13,6 +13,5 @@
 	"pipelines": "Pipelines",
 	"archives": "Archives",
 	"logs_to_metrics": "Logs To Metrics",
-	"roles": "Roles",
-	"role_details": "Role Details"
+	"roles": "Roles"
 }

frontend/src/auto-import-registry.d.ts

@@ -26,5 +26,4 @@ import '@signozhq/resizable';
 import '@signozhq/sonner';
 import '@signozhq/switch';
 import '@signozhq/table';
-import '@signozhq/toggle-group';
 import '@signozhq/tooltip';

frontend/src/constants/routes.ts

@@ -56,7 +56,6 @@ const ROUTES = {
 	TRACE_EXPLORER: '/trace-explorer',
 	BILLING: '/settings/billing',
 	ROLES_SETTINGS: '/settings/roles',
-	ROLE_DETAILS: '/settings/roles/:roleId',
 	SUPPORT: '/support',
 	LOGS_SAVE_VIEWS: '/logs/saved-views',
 	TRACES_SAVE_VIEWS: '/traces/saved-views',

frontend/src/container/Download/Download.tsx

@@ -1,6 +1,6 @@
+import { useState } from 'react';
 import { CloudDownloadOutlined } from '@ant-design/icons';
 import { Button, Dropdown, MenuProps } from 'antd';
-import { Excel } from 'antd-table-saveas-excel';
 import { unparse } from 'papaparse';
 
 import { DownloadProps } from './Download.types';
@@ -8,25 +8,36 @@ import { DownloadProps } from './Download.types';
 import './Download.styles.scss';
 
 function Download({ data, isLoading, fileName }: DownloadProps): JSX.Element {
-	const downloadExcelFile = (): void => {
-		const headers = Object.keys(Object.assign({}, ...data)).map((item) => {
-			const updatedTitle = item
-				.split('_')
-				.map((word) => word.charAt(0).toUpperCase() + word.slice(1))
-				.join(' ');
-			return {
-				title: updatedTitle,
-				dataIndex: item,
-			};
-		});
-		const excel = new Excel();
-		excel
-			.addSheet(fileName)
-			.addColumns(headers)
-			.addDataSource(data, {
-				str2Percent: true,
-			})
-			.saveAs(`${fileName}.xlsx`);
+	const [isDownloading, setIsDownloading] = useState(false);
+
+	const downloadExcelFile = async (): Promise<void> => {
+		setIsDownloading(true);
+
+		try {
+			const headers = Object.keys(Object.assign({}, ...data)).map((item) => {
+				const updatedTitle = item
+					.split('_')
+					.map((word) => word.charAt(0).toUpperCase() + word.slice(1))
+					.join(' ');
+				return {
+					title: updatedTitle,
+					dataIndex: item,
+				};
+			});
+
+			const excelLib = await import('antd-table-saveas-excel');
+
+			const excel = new excelLib.Excel();
+			excel
+				.addSheet(fileName)
+				.addColumns(headers)
+				.addDataSource(data, {
+					str2Percent: true,
+				})
+				.saveAs(`${fileName}.xlsx`);
+		} finally {
+			setIsDownloading(false);
+		}
 	};
 
 	const downloadCsvFile = (): void => {
@@ -59,7 +70,7 @@ function Download({ data, isLoading, fileName }: DownloadProps): JSX.Element {
 		<Dropdown menu={menu} trigger={['click']}>
 			<Button
 				className="download-button"
-				loading={isLoading}
+				loading={isLoading || isDownloading}
 				size="small"
 				type="link"
 			>

frontend/src/container/DownloadV2/DownloadV2.tsx

@@ -1,5 +1,5 @@
+import { useState } from 'react';
 import { Button, Popover, Typography } from 'antd';
-import { Excel } from 'antd-table-saveas-excel';
 import { FileDigit, FileDown, Sheet } from 'lucide-react';
 import { unparse } from 'papaparse';
 
@@ -8,25 +8,34 @@ import { DownloadProps } from './DownloadV2.types';
 import './DownloadV2.styles.scss';
 
 function Download({ data, isLoading, fileName }: DownloadProps): JSX.Element {
-	const downloadExcelFile = (): void => {
-		const headers = Object.keys(Object.assign({}, ...data)).map((item) => {
-			const updatedTitle = item
-				.split('_')
-				.map((word) => word.charAt(0).toUpperCase() + word.slice(1))
-				.join(' ');
-			return {
-				title: updatedTitle,
-				dataIndex: item,
-			};
-		});
-		const excel = new Excel();
-		excel
-			.addSheet(fileName)
-			.addColumns(headers)
-			.addDataSource(data, {
-				str2Percent: true,
-			})
-			.saveAs(`${fileName}.xlsx`);
+	const [isDownloading, setIsDownloading] = useState(false);
+
+	const downloadExcelFile = async (): Promise<void> => {
+		setIsDownloading(true);
+
+		try {
+			const headers = Object.keys(Object.assign({}, ...data)).map((item) => {
+				const updatedTitle = item
+					.split('_')
+					.map((word) => word.charAt(0).toUpperCase() + word.slice(1))
+					.join(' ');
+				return {
+					title: updatedTitle,
+					dataIndex: item,
+				};
+			});
+			const excelLib = await import('antd-table-saveas-excel');
+			const excel = new excelLib.Excel();
+			excel
+				.addSheet(fileName)
+				.addColumns(headers)
+				.addDataSource(data, {
+					str2Percent: true,
+				})
+				.saveAs(`${fileName}.xlsx`);
+		} finally {
+			setIsDownloading(false);
+		}
 	};
 
 	const downloadCsvFile = (): void => {
@@ -54,6 +63,7 @@ function Download({ data, isLoading, fileName }: DownloadProps): JSX.Element {
 						type="text"
 						onClick={downloadExcelFile}
 						className="action-btns"
+						loading={isDownloading}
 					>
 						Excel (.xlsx)
 					</Button>

frontend/src/container/RolesSettings/PermissionSidePanel/PermissionSidePanel.styles.scss

@@ -1,315 +0,0 @@
-.permission-side-panel-backdrop {
-	position: fixed;
-	inset: 0;
-	z-index: 100;
-	background: transparent;
-}
-
-.permission-side-panel {
-	position: fixed;
-	top: 0;
-	right: 0;
-	bottom: 0;
-	z-index: 101;
-	width: 720px;
-	display: flex;
-	flex-direction: column;
-	background: var(--l2-background);
-	border-left: 1px solid var(--l2-border);
-	box-shadow: -4px 10px 16px 2px rgba(0, 0, 0, 0.2);
-
-	&__header {
-		display: flex;
-		align-items: center;
-		gap: 16px;
-		flex-shrink: 0;
-		height: 48px;
-		padding: 0 16px;
-		background: var(--l2-background);
-		border-bottom: 1px solid var(--l2-border);
-	}
-
-	&__close {
-		width: 16px;
-		height: 16px;
-		padding: 0;
-		color: var(--foreground);
-		flex-shrink: 0;
-
-		&:hover {
-			color: var(--text-base-white);
-		}
-	}
-
-	&__header-divider {
-		display: block;
-		width: 1px;
-		height: 16px;
-		background: var(--l2-border);
-		flex-shrink: 0;
-	}
-
-	&__title {
-		font-family: Inter;
-		font-size: 14px;
-		font-weight: 400;
-		line-height: 20px;
-		letter-spacing: -0.07px;
-		color: var(--foreground);
-	}
-
-	&__content {
-		flex: 1;
-		overflow-y: auto;
-		padding: 12px 15px;
-	}
-
-	&__resource-list {
-		display: flex;
-		flex-direction: column;
-		border: 1px solid var(--l2-border);
-		border-radius: 4px;
-		overflow: hidden;
-	}
-
-	&__footer {
-		display: flex;
-		align-items: center;
-		justify-content: flex-end;
-		flex-shrink: 0;
-		height: 56px;
-		padding: 0 16px;
-		gap: 12px;
-		background: var(--l2-background);
-		border-top: 1px solid var(--l2-border);
-	}
-
-	&__unsaved {
-		display: flex;
-		align-items: center;
-		gap: 8px;
-		margin-right: auto;
-	}
-
-	&__unsaved-dot {
-		display: block;
-		width: 6px;
-		height: 6px;
-		border-radius: 50px;
-		background: var(--primary);
-		box-shadow: 0px 0px 6px 0px rgba(78, 116, 248, 0.4);
-		flex-shrink: 0;
-	}
-
-	&__unsaved-text {
-		font-family: Inter;
-		font-size: 14px;
-		font-weight: 400;
-		line-height: 24px;
-		letter-spacing: -0.07px;
-		color: var(--primary);
-	}
-
-	&__footer-actions {
-		display: flex;
-		align-items: center;
-		gap: 12px;
-	}
-}
-
-.psp-resource {
-	display: flex;
-	flex-direction: column;
-	border-bottom: 1px solid var(--l2-border);
-
-	&:last-child {
-		border-bottom: none;
-	}
-
-	&__row {
-		display: flex;
-		align-items: center;
-		justify-content: space-between;
-		padding: 12px 16px;
-		cursor: pointer;
-		transition: background 0.15s ease;
-
-		&--expanded {
-			background: rgba(171, 189, 255, 0.04);
-		}
-
-		&:hover {
-			background: rgba(171, 189, 255, 0.03);
-		}
-	}
-
-	&__left {
-		display: flex;
-		align-items: center;
-		gap: 16px;
-	}
-
-	&__chevron {
-		display: flex;
-		align-items: center;
-		justify-content: center;
-		width: 14px;
-		height: 14px;
-		color: var(--foreground);
-		flex-shrink: 0;
-	}
-
-	&__label {
-		font-family: Inter;
-		font-size: 14px;
-		font-weight: 400;
-		line-height: 20px;
-		letter-spacing: -0.07px;
-		color: var(--text-base-white);
-		text-transform: capitalize;
-	}
-
-	&__body {
-		display: flex;
-		flex-direction: column;
-		gap: 2px;
-		padding: 8px 0 8px 44px;
-		background: rgba(171, 189, 255, 0.04);
-	}
-
-	&__radio-group {
-		display: flex;
-		flex-direction: column;
-		gap: 2px;
-	}
-
-	&__radio-item {
-		display: flex;
-		align-items: center;
-		gap: 8px;
-		padding: 6px 0;
-
-		label {
-			font-family: Inter;
-			font-size: 14px;
-			font-weight: 400;
-			line-height: 20px;
-			letter-spacing: -0.07px;
-			color: var(--text-base-white);
-			cursor: pointer;
-		}
-	}
-
-	&__select-wrapper {
-		padding: 6px 16px 4px 24px;
-	}
-
-	&__select {
-		width: 100%;
-
-		// todo: https://github.com/SigNoz/components/issues/116
-		.ant-select-selector {
-			background: var(--l2-background) !important;
-			border: 1px solid var(--border) !important;
-			border-radius: 2px !important;
-			padding: 4px 6px !important;
-			min-height: 32px !important;
-			box-shadow: none !important;
-
-			&:hover,
-			&:focus-within {
-				border-color: var(--input) !important;
-				box-shadow: none !important;
-			}
-		}
-
-		.ant-select-selection-placeholder {
-			font-family: Inter;
-			font-size: 14px;
-			font-weight: 400;
-			color: var(--foreground);
-			opacity: 0.4;
-		}
-
-		.ant-select-selection-item {
-			background: var(--input) !important;
-			border: none !important;
-			border-radius: 2px !important;
-			padding: 0 6px !important;
-			font-family: Inter;
-			font-size: 14px;
-			font-weight: 400;
-			line-height: 20px;
-			color: var(--text-base-white) !important;
-			height: auto !important;
-		}
-
-		.ant-select-selection-item-remove {
-			color: var(--foreground) !important;
-			display: flex;
-			align-items: center;
-		}
-
-		.ant-select-arrow {
-			color: var(--foreground);
-		}
-	}
-
-	&__select-popup {
-		.ant-select-item {
-			font-family: Inter;
-			font-size: 14px;
-			font-weight: 400;
-			color: var(--foreground);
-			background: var(--l2-background);
-
-			&-option-selected {
-				background: var(--border) !important;
-				color: var(--text-base-white) !important;
-			}
-
-			&-option-active {
-				background: var(--l2-background-hover) !important;
-			}
-		}
-
-		.ant-select-dropdown {
-			background: var(--l2-background);
-			border: 1px solid var(--border);
-			border-radius: 2px;
-			padding: 4px 0;
-		}
-	}
-}
-
-.lightMode {
-	.permission-side-panel {
-		&__close {
-			&:hover {
-				color: var(--text-base-black);
-			}
-		}
-	}
-
-	.psp-resource {
-		&__label {
-			color: var(--text-base-black);
-		}
-
-		&__radio-item label {
-			color: var(--text-base-black);
-		}
-
-		&__select .ant-select-selection-item {
-			color: var(--text-base-black) !important;
-		}
-	}
-
-	.psp-resource__select-popup {
-		.ant-select-item {
-			&-option-selected {
-				color: var(--text-base-black) !important;
-			}
-		}
-	}
-}

frontend/src/container/RolesSettings/PermissionSidePanel/PermissionSidePanel.tsx

@@ -1,294 +0,0 @@
-import { useCallback, useEffect, useMemo, useState } from 'react';
-import { Button } from '@signozhq/button';
-import { ChevronDown, ChevronRight, X } from '@signozhq/icons';
-import {
-	RadioGroup,
-	RadioGroupItem,
-	RadioGroupLabel,
-} from '@signozhq/radio-group';
-import { Select, Skeleton } from 'antd';
-
-import {
-	buildConfig,
-	configsEqual,
-	DEFAULT_RESOURCE_CONFIG,
-	isResourceConfigEqual,
-} from '../utils';
-import type {
-	PermissionConfig,
-	PermissionSidePanelProps,
-	ResourceConfig,
-	ResourceDefinition,
-	ScopeType,
-} from './PermissionSidePanel.types';
-import { PermissionScope } from './PermissionSidePanel.types';
-
-import './PermissionSidePanel.styles.scss';
-
-interface ResourceRowProps {
-	resource: ResourceDefinition;
-	config: ResourceConfig;
-	isExpanded: boolean;
-	onToggleExpand: (id: string) => void;
-	onScopeChange: (id: string, scope: ScopeType) => void;
-	onSelectedIdsChange: (id: string, ids: string[]) => void;
-}
-
-function ResourceRow({
-	resource,
-	config,
-	isExpanded,
-	onToggleExpand,
-	onScopeChange,
-	onSelectedIdsChange,
-}: ResourceRowProps): JSX.Element {
-	return (
-		<div className="psp-resource">
-			<div
-				className={`psp-resource__row${
-					isExpanded ? ' psp-resource__row--expanded' : ''
-				}`}
-				role="button"
-				tabIndex={0}
-				onClick={(): void => onToggleExpand(resource.id)}
-				onKeyDown={(e): void => {
-					if (e.key === 'Enter' || e.key === ' ') {
-						onToggleExpand(resource.id);
-					}
-				}}
-			>
-				<div className="psp-resource__left">
-					<span className="psp-resource__chevron">
-						{isExpanded ? <ChevronDown size={14} /> : <ChevronRight size={14} />}
-					</span>
-					<span className="psp-resource__label">{resource.label}</span>
-				</div>
-			</div>
-
-			{isExpanded && (
-				<div className="psp-resource__body">
-					<RadioGroup
-						value={config.scope}
-						onValueChange={(val): void =>
-							onScopeChange(resource.id, val as ScopeType)
-						}
-						className="psp-resource__radio-group"
-					>
-						<div className="psp-resource__radio-item">
-							<RadioGroupItem
-								value={PermissionScope.ALL}
-								id={`${resource.id}-all`}
-								color="robin"
-							/>
-							<RadioGroupLabel htmlFor={`${resource.id}-all`}>All</RadioGroupLabel>
-						</div>
-
-						<div className="psp-resource__radio-item">
-							<RadioGroupItem
-								value={PermissionScope.ONLY_SELECTED}
-								id={`${resource.id}-only-selected`}
-								color="robin"
-							/>
-							<RadioGroupLabel htmlFor={`${resource.id}-only-selected`}>
-								Only selected
-							</RadioGroupLabel>
-						</div>
-					</RadioGroup>
-
-					{config.scope === PermissionScope.ONLY_SELECTED && (
-						<div className="psp-resource__select-wrapper">
-							{/* TODO: right now made to only accept user input, we need to give it proper resource based value fetching from APIs */}
-							<Select
-								mode="tags"
-								value={config.selectedIds}
-								onChange={(vals: string[]): void =>
-									onSelectedIdsChange(resource.id, vals)
-								}
-								options={resource.options ?? []}
-								placeholder="Select resources..."
-								className="psp-resource__select"
-								popupClassName="psp-resource__select-popup"
-								showSearch
-								filterOption={(input, option): boolean =>
-									String(option?.label ?? '')
-										.toLowerCase()
-										.includes(input.toLowerCase())
-								}
-							/>
-						</div>
-					)}
-				</div>
-			)}
-		</div>
-	);
-}
-
-function PermissionSidePanel({
-	open,
-	onClose,
-	permissionLabel,
-	resources,
-	initialConfig,
-	isLoading = false,
-	isSaving = false,
-	onSave,
-}: PermissionSidePanelProps): JSX.Element | null {
-	const [config, setConfig] = useState<PermissionConfig>(() =>
-		buildConfig(resources, initialConfig),
-	);
-	const [expandedIds, setExpandedIds] = useState<Set<string>>(new Set());
-
-	useEffect(() => {
-		if (open) {
-			setConfig(buildConfig(resources, initialConfig));
-			setExpandedIds(new Set());
-		}
-	}, [open, resources, initialConfig]);
-
-	const savedConfig = useMemo(() => buildConfig(resources, initialConfig), [
-		resources,
-		initialConfig,
-	]);
-
-	const unsavedCount = useMemo(() => {
-		if (configsEqual(config, savedConfig)) {
-			return 0;
-		}
-		return Object.keys(config).filter(
-			(id) => !isResourceConfigEqual(config[id], savedConfig[id]),
-		).length;
-	}, [config, savedConfig]);
-
-	const updateResource = useCallback(
-		(id: string, patch: Partial<ResourceConfig>): void => {
-			setConfig((prev) => ({
-				...prev,
-				[id]: { ...prev[id], ...patch },
-			}));
-		},
-		[],
-	);
-
-	const handleToggleExpand = useCallback((id: string): void => {
-		setExpandedIds((prev) => {
-			const next = new Set(prev);
-			if (next.has(id)) {
-				next.delete(id);
-			} else {
-				next.add(id);
-			}
-			return next;
-		});
-	}, []);
-
-	const handleScopeChange = useCallback(
-		(id: string, scope: ScopeType): void => {
-			updateResource(id, { scope, selectedIds: [] });
-		},
-		[updateResource],
-	);
-
-	const handleSelectedIdsChange = useCallback(
-		(id: string, ids: string[]): void => {
-			updateResource(id, { selectedIds: ids });
-		},
-		[updateResource],
-	);
-
-	const handleSave = useCallback((): void => {
-		onSave(config);
-	}, [config, onSave]);
-
-	const handleDiscard = useCallback((): void => {
-		setConfig(buildConfig(resources, initialConfig));
-		setExpandedIds(new Set());
-	}, [resources, initialConfig]);
-
-	if (!open) {
-		return null;
-	}
-
-	return (
-		<>
-			<div
-				className="permission-side-panel-backdrop"
-				role="presentation"
-				onClick={onClose}
-			/>
-
-			<div className="permission-side-panel">
-				<div className="permission-side-panel__header">
-					<Button
-						variant="ghost"
-						size="icon"
-						className="permission-side-panel__close"
-						onClick={onClose}
-						aria-label="Close panel"
-					>
-						<X size={16} />
-					</Button>
-					<span className="permission-side-panel__header-divider" />
-					<span className="permission-side-panel__title">
-						Edit {permissionLabel} Permissions
-					</span>
-				</div>
-
-				<div className="permission-side-panel__content">
-					{isLoading ? (
-						<Skeleton active paragraph={{ rows: 6 }} />
-					) : (
-						<div className="permission-side-panel__resource-list">
-							{resources.map((resource) => (
-								<ResourceRow
-									key={resource.id}
-									resource={resource}
-									config={config[resource.id] ?? DEFAULT_RESOURCE_CONFIG}
-									isExpanded={expandedIds.has(resource.id)}
-									onToggleExpand={handleToggleExpand}
-									onScopeChange={handleScopeChange}
-									onSelectedIdsChange={handleSelectedIdsChange}
-								/>
-							))}
-						</div>
-					)}
-				</div>
-
-				<div className="permission-side-panel__footer">
-					{unsavedCount > 0 && (
-						<div className="permission-side-panel__unsaved">
-							<span className="permission-side-panel__unsaved-dot" />
-							<span className="permission-side-panel__unsaved-text">
-								{unsavedCount} unsaved change{unsavedCount !== 1 ? 's' : ''}
-							</span>
-						</div>
-					)}
-
-					<div className="permission-side-panel__footer-actions">
-						<Button
-							variant="solid"
-							color="secondary"
-							prefixIcon={<X size={14} />}
-							onClick={unsavedCount > 0 ? handleDiscard : onClose}
-							size="sm"
-							disabled={isSaving}
-						>
-							{unsavedCount > 0 ? 'Discard' : 'Cancel'}
-						</Button>
-						<Button
-							variant="solid"
-							color="primary"
-							size="sm"
-							onClick={handleSave}
-							loading={isSaving}
-							disabled={isLoading || unsavedCount === 0}
-						>
-							Save Changes
-						</Button>
-					</div>
-				</div>
-			</div>
-		</>
-	);
-}
-
-export default PermissionSidePanel;

frontend/src/container/RolesSettings/PermissionSidePanel/PermissionSidePanel.types.ts

@@ -1,35 +0,0 @@
-export interface ResourceOption {
-	value: string;
-	label: string;
-}
-
-export interface ResourceDefinition {
-	id: string;
-	label: string;
-	options?: ResourceOption[];
-}
-
-export enum PermissionScope {
-	ALL = 'all',
-	ONLY_SELECTED = 'only_selected',
-}
-
-export type ScopeType = PermissionScope;
-
-export interface ResourceConfig {
-	scope: ScopeType;
-	selectedIds: string[];
-}
-
-export type PermissionConfig = Record<string, ResourceConfig>;
-
-export interface PermissionSidePanelProps {
-	open: boolean;
-	onClose: () => void;
-	permissionLabel: string;
-	resources: ResourceDefinition[];
-	initialConfig?: PermissionConfig;
-	isLoading?: boolean;
-	isSaving?: boolean;
-	onSave: (config: PermissionConfig) => void;
-}

frontend/src/container/RolesSettings/PermissionSidePanel/index.tsx

@@ -1,10 +0,0 @@
-export { default } from './PermissionSidePanel';
-export type {
-	PermissionConfig,
-	PermissionSidePanelProps,
-	ResourceConfig,
-	ResourceDefinition,
-	ResourceOption,
-	ScopeType,
-} from './PermissionSidePanel.types';
-export { PermissionScope } from './PermissionSidePanel.types';

frontend/src/container/RolesSettings/RoleDetails/RoleDetailsPage.styles.scss

@@ -1,417 +0,0 @@
-.role-details-page {
-	display: flex;
-	flex-direction: column;
-	gap: 16px;
-	padding: 16px;
-	width: 100%;
-	max-width: 60vw;
-	margin: 0 auto;
-
-	.role-details-header {
-		display: flex;
-		flex-direction: column;
-		gap: 0;
-	}
-
-	.role-details-title {
-		color: var(--text-base-white);
-		font-family: Inter;
-		font-size: 18px;
-		font-weight: 500;
-		line-height: 28px;
-		letter-spacing: -0.09px;
-	}
-
-	.role-details-permission-item--readonly {
-		cursor: default !important;
-		pointer-events: none;
-		opacity: 0.55;
-	}
-
-	.role-details-nav {
-		display: flex;
-		align-items: center;
-		justify-content: space-between;
-	}
-
-	.role-details-tab {
-		gap: 4px;
-		padding: 0 16px;
-		height: 32px;
-		border-radius: 0;
-		font-size: 12px;
-		overflow: hidden;
-		font-weight: 400;
-		line-height: 18px;
-		letter-spacing: -0.06px;
-
-		&[data-state='on'] {
-			border-radius: 2px 0 0 2px;
-		}
-	}
-
-	.role-details-tab-count {
-		display: flex;
-		align-items: center;
-		justify-content: center;
-		min-width: 20px;
-		padding: 0 6px;
-		border-radius: 50px;
-		background: var(--secondary);
-		font-size: 12px;
-		font-weight: 400;
-		line-height: 20px;
-		color: var(--foreground);
-		letter-spacing: -0.06px;
-		text-transform: uppercase;
-	}
-
-	.role-details-actions {
-		display: flex;
-		align-items: center;
-		gap: 12px;
-	}
-
-	.role-details-overview {
-		display: flex;
-		flex-direction: column;
-		gap: 16px;
-	}
-
-	.role-details-meta {
-		display: flex;
-		flex-direction: column;
-		gap: 16px;
-	}
-
-	.role-details-section-label {
-		font-family: Inter;
-		font-size: 12px;
-		font-weight: 500;
-		line-height: 20px;
-		letter-spacing: 0.48px;
-		text-transform: uppercase;
-		color: var(--foreground);
-	}
-
-	.role-details-description-text {
-		font-family: Inter;
-		font-size: 13px;
-		font-weight: 500;
-		line-height: 20px;
-		letter-spacing: -0.07px;
-		color: var(--foreground);
-	}
-
-	.role-details-info-row {
-		display: flex;
-		gap: 16px;
-		align-items: flex-start;
-	}
-
-	.role-details-info-col {
-		flex: 1;
-		min-width: 0;
-		display: flex;
-		flex-direction: column;
-		gap: 4px;
-	}
-
-	.role-details-info-value {
-		display: flex;
-		align-items: center;
-		gap: 8px;
-	}
-
-	.role-details-info-name {
-		font-family: Inter;
-		font-size: 14px;
-		font-weight: 500;
-		line-height: 20px;
-		letter-spacing: -0.07px;
-		color: var(--foreground);
-	}
-
-	.role-details-permissions {
-		display: flex;
-		flex-direction: column;
-		gap: 16px;
-		padding-top: 8px;
-	}
-
-	.role-details-permissions-header {
-		display: flex;
-		align-items: center;
-		gap: 16px;
-		height: 20px;
-	}
-
-	.role-details-permissions-divider {
-		flex: 1;
-		border: none;
-		border-top: 2px dotted var(--border);
-		border-bottom: 2px dotted var(--border);
-		height: 7px;
-		margin: 0;
-	}
-
-	.role-details-permission-list {
-		display: flex;
-		flex-direction: column;
-		gap: 16px;
-	}
-
-	.role-details-permission-item {
-		display: flex;
-		align-items: center;
-		justify-content: space-between;
-		height: 44px;
-		padding: 0 12px;
-		background: rgba(171, 189, 255, 0.08);
-		border: 1px solid var(--secondary);
-		border-radius: 4px;
-		cursor: pointer;
-		transition: background 0.15s ease;
-
-		&:hover {
-			background: rgba(171, 189, 255, 0.12);
-		}
-	}
-
-	.role-details-permission-item-left {
-		display: flex;
-		align-items: center;
-		gap: 8px;
-	}
-
-	.role-details-permission-item-label {
-		font-family: Inter;
-		font-size: 14px;
-		font-weight: 400;
-		line-height: 20px;
-		letter-spacing: -0.07px;
-		color: var(--text-base-white);
-	}
-
-	.role-details-members {
-		display: flex;
-		flex-direction: column;
-		gap: 16px;
-	}
-
-	.role-details-members-search {
-		display: flex;
-		align-items: center;
-		gap: 6px;
-		height: 32px;
-		padding: 6px 6px 6px 8px;
-		background: var(--l2-background);
-		border: 1px solid var(--secondary);
-		border-radius: 2px;
-
-		.role-details-members-search-icon {
-			flex-shrink: 0;
-			color: var(--foreground);
-			opacity: 0.5;
-		}
-
-		.role-details-members-search-input {
-			flex: 1;
-			height: 100%;
-			background: transparent;
-			border: none;
-			outline: none;
-			font-family: Inter;
-			font-size: 14px;
-			font-weight: 400;
-			line-height: 18px;
-			letter-spacing: -0.07px;
-			color: var(--foreground);
-
-			&::placeholder {
-				color: var(--foreground);
-				opacity: 0.4;
-			}
-		}
-	}
-
-	.role-details-members-content {
-		display: flex;
-		flex-direction: column;
-		min-height: 420px;
-		border: 1px dashed var(--secondary);
-		border-radius: 3px;
-		margin-top: -1px;
-	}
-
-	.role-details-members-empty-state {
-		display: flex;
-		flex: 1;
-		flex-direction: column;
-		align-items: center;
-		justify-content: center;
-		gap: 4px;
-		padding: 48px 0;
-		flex-grow: 1;
-
-		.role-details-members-empty-emoji {
-			font-size: 32px;
-			line-height: 1;
-		}
-
-		.role-details-members-empty-text {
-			font-family: Inter;
-			font-size: 14px;
-			line-height: 18px;
-			letter-spacing: -0.07px;
-
-			&--bold {
-				font-weight: 500;
-				color: var(--text-base-white);
-			}
-
-			&--muted {
-				font-weight: 400;
-				color: var(--foreground);
-			}
-		}
-	}
-
-	.role-details-skeleton {
-		padding: 16px 0;
-	}
-}
-
-.role-details-delete-action-btn {
-	display: flex;
-	align-items: center;
-	justify-content: center;
-	width: 32px;
-	height: 32px;
-	min-width: 32px;
-	border: none;
-	border-radius: 2px;
-	background: transparent;
-	color: var(--destructive);
-	opacity: 0.6;
-	padding: 0;
-	transition: background-color 0.2s, opacity 0.2s;
-	box-shadow: none;
-
-	&:hover {
-		background: rgba(229, 72, 77, 0.1);
-		opacity: 0.9;
-	}
-}
-
-.role-details-delete-modal {
-	width: calc(100% - 30px) !important;
-	max-width: 384px;
-
-	.ant-modal-content {
-		padding: 0;
-		border-radius: 4px;
-		border: 1px solid var(--secondary);
-		background: var(--l2-background);
-		box-shadow: 0px -4px 16px 2px rgba(0, 0, 0, 0.2);
-
-		.ant-modal-header {
-			padding: 16px;
-			background: var(--l2-background);
-			margin-bottom: 0;
-		}
-
-		.ant-modal-body {
-			padding: 0 16px 28px 16px;
-		}
-
-		.ant-modal-footer {
-			display: flex;
-			justify-content: flex-end;
-			padding: 16px;
-			margin: 0;
-
-			.cancel-btn {
-				display: flex;
-				align-items: center;
-				border: none;
-				border-radius: 2px;
-			}
-
-			.delete-btn {
-				display: flex;
-				align-items: center;
-				border: none;
-				border-radius: 2px;
-				margin-left: 12px;
-			}
-		}
-	}
-
-	.title {
-		color: var(--text-base-white);
-		font-family: Inter;
-		font-size: 13px;
-		font-weight: 400;
-		line-height: 1;
-		letter-spacing: -0.065px;
-	}
-
-	.delete-text {
-		color: var(--foreground);
-		font-family: Inter;
-		font-size: 14px;
-		font-weight: 400;
-		line-height: 20px;
-		letter-spacing: -0.07px;
-
-		strong {
-			font-weight: 600;
-			color: var(--text-base-white);
-		}
-	}
-}
-
-.lightMode {
-	.role-details-delete-modal {
-		.ant-modal-content {
-			.ant-modal-header {
-				.title {
-					color: var(--text-base-black);
-				}
-			}
-
-			.ant-modal-body {
-				.delete-text {
-					strong {
-						color: var(--text-base-black);
-					}
-				}
-			}
-		}
-	}
-
-	.role-details-page {
-		.role-details-title {
-			color: var(--text-base-black);
-		}
-
-		.role-details-members-empty-state {
-			.role-details-members-empty-text--bold {
-				color: var(--text-base-black);
-			}
-		}
-
-		.role-details-permission-item {
-			background: rgba(0, 0, 0, 0.04);
-
-			&:hover {
-				background: rgba(0, 0, 0, 0.07);
-			}
-		}
-
-		.role-details-permission-item-label {
-			color: var(--text-base-black);
-		}
-	}
-}

frontend/src/container/RolesSettings/RoleDetails/RoleDetailsPage.tsx

@@ -1,276 +0,0 @@
-import { useEffect, useMemo, useState } from 'react';
-import { useQueryClient } from 'react-query';
-import { useHistory, useLocation } from 'react-router-dom';
-import { Button } from '@signozhq/button';
-import { Table2, Trash2, Users } from '@signozhq/icons';
-import { toast } from '@signozhq/sonner';
-import { ToggleGroup, ToggleGroupItem } from '@signozhq/toggle-group';
-import { Skeleton } from 'antd';
-import { useAuthzResources } from 'api/generated/services/authz';
-import {
-	getGetObjectsQueryKey,
-	useDeleteRole,
-	useGetObjects,
-	useGetRole,
-	usePatchObjects,
-} from 'api/generated/services/role';
-import ErrorInPlace from 'components/ErrorInPlace/ErrorInPlace';
-import ROUTES from 'constants/routes';
-import { capitalize } from 'lodash-es';
-import { useErrorModal } from 'providers/ErrorModalProvider';
-import { RoleType } from 'types/roles';
-import { handleApiError, toAPIError } from 'utils/errorUtils';
-
-import { IS_ROLE_DETAILS_AND_CRUD_ENABLED } from '../config';
-import type { PermissionConfig } from '../PermissionSidePanel';
-import PermissionSidePanel from '../PermissionSidePanel';
-import CreateRoleModal from '../RolesComponents/CreateRoleModal';
-import DeleteRoleModal from '../RolesComponents/DeleteRoleModal';
-import {
-	buildPatchPayload,
-	derivePermissionTypes,
-	deriveResourcesForRelation,
-	objectsToPermissionConfig,
-} from '../utils';
-import MembersTab from './components/MembersTab';
-import OverviewTab from './components/OverviewTab';
-import { ROLE_ID_REGEX } from './constants';
-
-import './RoleDetailsPage.styles.scss';
-
-type TabKey = 'overview' | 'members';
-
-// eslint-disable-next-line sonarjs/cognitive-complexity
-function RoleDetailsPage(): JSX.Element {
-	const { pathname } = useLocation();
-	const history = useHistory();
-
-	useEffect(() => {
-		if (!IS_ROLE_DETAILS_AND_CRUD_ENABLED) {
-			history.push(ROUTES.ROLES_SETTINGS);
-		}
-	}, [history]);
-
-	const queryClient = useQueryClient();
-	const { showErrorModal } = useErrorModal();
-
-	const { data: authzResourcesResponse } = useAuthzResources({
-		query: { enabled: true },
-	});
-	const authzResources = authzResourcesResponse?.data ?? null;
-
-	// Extract channelId from URL pathname since useParams doesn't work in nested routing
-	const roleIdMatch = pathname.match(ROLE_ID_REGEX);
-	const roleId = roleIdMatch ? roleIdMatch[1] : '';
-
-	const [activeTab, setActiveTab] = useState<TabKey>('overview');
-	const [isEditModalOpen, setIsEditModalOpen] = useState(false);
-	const [isDeleteModalOpen, setIsDeleteModalOpen] = useState(false);
-	const [activePermission, setActivePermission] = useState<string | null>(null);
-
-	const { data, isLoading, isFetching, isError, error } = useGetRole(
-		{ id: roleId },
-		{ query: { enabled: !!roleId } },
-	);
-	const role = data?.data;
-	const isTransitioning = isFetching && role?.id !== roleId;
-	const isManaged = role?.type === RoleType.MANAGED;
-
-	const permissionTypes = useMemo(
-		() => derivePermissionTypes(authzResources?.relations ?? null),
-		[authzResources],
-	);
-
-	const resourcesForActivePermission = useMemo(
-		() =>
-			activePermission
-				? deriveResourcesForRelation(authzResources ?? null, activePermission)
-				: [],
-		[authzResources, activePermission],
-	);
-
-	const { data: objectsData, isLoading: isLoadingObjects } = useGetObjects(
-		{ id: roleId, relation: activePermission ?? '' },
-		{ query: { enabled: !!activePermission && !!roleId && !isManaged } },
-	);
-
-	const initialConfig = useMemo(() => {
-		if (!objectsData?.data || !activePermission) {
-			return undefined;
-		}
-		return objectsToPermissionConfig(
-			objectsData.data,
-			resourcesForActivePermission,
-		);
-	}, [objectsData, activePermission, resourcesForActivePermission]);
-
-	const handleSaveSuccess = (): void => {
-		toast.success('Permissions saved successfully');
-		if (activePermission) {
-			queryClient.removeQueries(
-				getGetObjectsQueryKey({ id: roleId, relation: activePermission }),
-			);
-		}
-		setActivePermission(null);
-	};
-
-	const { mutate: patchObjects, isLoading: isSaving } = usePatchObjects({
-		mutation: {
-			onSuccess: handleSaveSuccess,
-			onError: (err) => handleApiError(err, showErrorModal),
-		},
-	});
-
-	const { mutate: deleteRole, isLoading: isDeleting } = useDeleteRole({
-		mutation: {
-			onSuccess: (): void => {
-				toast.success('Role deleted successfully');
-				history.push(ROUTES.ROLES_SETTINGS);
-			},
-			onError: (err) => handleApiError(err, showErrorModal),
-		},
-	});
-
-	if (
-		!IS_ROLE_DETAILS_AND_CRUD_ENABLED ||
-		isLoading ||
-		isTransitioning ||
-		!role
-	) {
-		return (
-			<div className="role-details-page">
-				<Skeleton
-					active
-					paragraph={{ rows: 8 }}
-					className="role-details-skeleton"
-				/>
-			</div>
-		);
-	}
-
-	if (isError) {
-		return (
-			<div className="role-details-page">
-				<ErrorInPlace
-					error={toAPIError(
-						error,
-						'An unexpected error occurred while fetching role details.',
-					)}
-				/>
-			</div>
-		);
-	}
-
-	const handleSave = (config: PermissionConfig): void => {
-		if (!activePermission || !authzResources) {
-			return;
-		}
-		patchObjects({
-			pathParams: { id: roleId, relation: activePermission },
-			data: buildPatchPayload({
-				newConfig: config,
-				initialConfig: initialConfig ?? {},
-				resources: resourcesForActivePermission,
-				authzRes: authzResources,
-			}),
-		});
-	};
-
-	return (
-		<div className="role-details-page">
-			<div className="role-details-header">
-				<h2 className="role-details-title">Role — {role.name}</h2>
-			</div>
-
-			<div className="role-details-nav">
-				<ToggleGroup
-					type="single"
-					value={activeTab}
-					onValueChange={(val): void => {
-						if (val) {
-							setActiveTab(val as TabKey);
-						}
-					}}
-					className="role-details-tabs"
-				>
-					<ToggleGroupItem value="overview" className="role-details-tab">
-						<Table2 size={14} />
-						Overview
-					</ToggleGroupItem>
-					<ToggleGroupItem value="members" className="role-details-tab">
-						<Users size={14} />
-						Members
-						<span className="role-details-tab-count">0</span>
-					</ToggleGroupItem>
-				</ToggleGroup>
-
-				{!isManaged && (
-					<div className="role-details-actions">
-						<Button
-							variant="ghost"
-							color="destructive"
-							className="role-details-delete-action-btn"
-							onClick={(): void => setIsDeleteModalOpen(true)}
-							aria-label="Delete role"
-						>
-							<Trash2 size={14} />
-						</Button>
-						<Button
-							variant="solid"
-							color="secondary"
-							size="sm"
-							onClick={(): void => setIsEditModalOpen(true)}
-						>
-							Edit Role Details
-						</Button>
-					</div>
-				)}
-			</div>
-
-			{activeTab === 'overview' && (
-				<OverviewTab
-					role={role || null}
-					isManaged={isManaged}
-					permissionTypes={permissionTypes}
-					onPermissionClick={(key): void => setActivePermission(key)}
-				/>
-			)}
-			{activeTab === 'members' && <MembersTab />}
-
-			{!isManaged && (
-				<>
-					<PermissionSidePanel
-						open={activePermission !== null}
-						onClose={(): void => setActivePermission(null)}
-						permissionLabel={activePermission ? capitalize(activePermission) : ''}
-						resources={resourcesForActivePermission}
-						initialConfig={initialConfig}
-						isLoading={isLoadingObjects}
-						isSaving={isSaving}
-						onSave={handleSave}
-					/>
-
-					<CreateRoleModal
-						isOpen={isEditModalOpen}
-						onClose={(): void => setIsEditModalOpen(false)}
-						initialData={{
-							id: roleId,
-							name: role.name || '',
-							description: role.description || '',
-						}}
-					/>
-				</>
-			)}
-
-			<DeleteRoleModal
-				isOpen={isDeleteModalOpen}
-				roleName={role.name || ''}
-				isDeleting={isDeleting}
-				onCancel={(): void => setIsDeleteModalOpen(false)}
-				onConfirm={(): void => deleteRole({ pathParams: { id: roleId } })}
-			/>
-		</div>
-	);
-}
-
-export default RoleDetailsPage;

frontend/src/container/RolesSettings/RoleDetails/__tests__/RoleDetailsPage.test.tsx

@@ -1,438 +0,0 @@
-// Ungate feature flag for all tests in this file
-jest.mock('../../config', () => ({ IS_ROLE_DETAILS_AND_CRUD_ENABLED: true }));
-
-import {
-	customRoleResponse,
-	managedRoleResponse,
-} from 'mocks-server/__mockdata__/roles';
-import { server } from 'mocks-server/server';
-import { rest } from 'msw';
-import { render, screen, userEvent, waitFor, within } from 'tests/test-utils';
-
-import RoleDetailsPage from '../RoleDetailsPage';
-
-const CUSTOM_ROLE_ID = '019c24aa-3333-0001-aaaa-111111111111';
-const MANAGED_ROLE_ID = '019c24aa-2248-756f-9833-984f1ab63819';
-
-const rolesApiBase = 'http://localhost/api/v1/roles';
-const authzResourcesUrl = 'http://localhost/api/v1/authz/resources';
-
-const authzResourcesResponse = {
-	status: 'success',
-	data: {
-		relations: { create: ['dashboard'], read: ['dashboard'] },
-		resources: [{ name: 'dashboard', type: 'dashboard' }],
-	},
-};
-
-const emptyObjectsResponse = { status: 'success', data: [] };
-
-const allScopeObjectsResponse = {
-	status: 'success',
-	data: [
-		{
-			resource: { name: 'dashboard', type: 'dashboard' },
-			selectors: ['*'],
-		},
-	],
-};
-
-function setupDefaultHandlers(roleId = CUSTOM_ROLE_ID): void {
-	const roleResponse =
-		roleId === MANAGED_ROLE_ID ? managedRoleResponse : customRoleResponse;
-
-	server.use(
-		rest.get(`${rolesApiBase}/:id`, (_req, res, ctx) =>
-			res(ctx.status(200), ctx.json(roleResponse)),
-		),
-		rest.get(authzResourcesUrl, (_req, res, ctx) =>
-			res(ctx.status(200), ctx.json(authzResourcesResponse)),
-		),
-	);
-}
-
-afterEach(() => {
-	jest.clearAllMocks();
-	server.resetHandlers();
-});
-
-describe('RoleDetailsPage', () => {
-	it('renders custom role header, tabs, description, permissions, and action buttons', async () => {
-		setupDefaultHandlers();
-
-		render(<RoleDetailsPage />, undefined, {
-			initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
-		});
-
-		expect(await screen.findByText('Role — billing-manager')).toBeInTheDocument();
-
-		// Tab navigation
-		expect(screen.getByText('Overview')).toBeInTheDocument();
-		expect(screen.getByText('Members')).toBeInTheDocument();
-
-		// Role description (OverviewTab)
-		expect(
-			screen.getByText('Custom role for managing billing and invoices.'),
-		).toBeInTheDocument();
-
-		// Permission items derived from mocked authz relations
-		expect(screen.getByText('Create')).toBeInTheDocument();
-		expect(screen.getByText('Read')).toBeInTheDocument();
-
-		// Action buttons present for custom role
-		expect(
-			screen.getByRole('button', { name: /edit role details/i }),
-		).toBeInTheDocument();
-		expect(
-			screen.getByRole('button', { name: /delete role/i }),
-		).toBeInTheDocument();
-	});
-
-	it('shows managed-role warning callout and hides edit/delete buttons', async () => {
-		setupDefaultHandlers(MANAGED_ROLE_ID);
-
-		render(<RoleDetailsPage />, undefined, {
-			initialRoute: `/settings/roles/${MANAGED_ROLE_ID}`,
-		});
-
-		expect(await screen.findByText(/Role — signoz-admin/)).toBeInTheDocument();
-
-		expect(
-			screen.getByText(
-				'This is a managed role. Permissions and settings are view-only and cannot be modified.',
-			),
-		).toBeInTheDocument();
-
-		// Action buttons absent for managed role
-		expect(screen.queryByText('Edit Role Details')).not.toBeInTheDocument();
-		expect(
-			screen.queryByRole('button', { name: /delete role/i }),
-		).not.toBeInTheDocument();
-	});
-
-	it('edit flow: modal opens pre-filled and calls PATCH on save and verify', async () => {
-		const patchSpy = jest.fn();
-		let description = customRoleResponse.data.description;
-		server.use(
-			rest.get(`${rolesApiBase}/:id`, (_req, res, ctx) =>
-				res(
-					ctx.status(200),
-					ctx.json({
-						...customRoleResponse,
-						data: { ...customRoleResponse.data, description },
-					}),
-				),
-			),
-			rest.patch(`${rolesApiBase}/:id`, async (req, res, ctx) => {
-				const body = await req.json();
-				patchSpy(body);
-				description = body.description;
-				return res(
-					ctx.status(200),
-					ctx.json({
-						...customRoleResponse,
-						data: { ...customRoleResponse.data, description },
-					}),
-				);
-			}),
-		);
-
-		const user = userEvent.setup({ pointerEventsCheck: 0 });
-
-		render(<RoleDetailsPage />, undefined, {
-			initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
-		});
-
-		await screen.findByText('Role — billing-manager');
-
-		// Open the edit modal
-		await user.click(screen.getByRole('button', { name: /edit role details/i }));
-		expect(
-			await screen.findByText('Edit Role Details', {
-				selector: '.ant-modal-title',
-			}),
-		).toBeInTheDocument();
-
-		// Name field is disabled in edit mode (role rename is not allowed)
-		const nameInput = screen.getByPlaceholderText(
-			'Enter role name e.g. : Service Owner',
-		);
-		expect(nameInput).toBeDisabled();
-
-		// Update description and save
-		const descField = screen.getByPlaceholderText(
-			'A helpful description of the role',
-		);
-		await user.clear(descField);
-		await user.type(descField, 'Updated description');
-		await user.click(screen.getByRole('button', { name: /save changes/i }));
-
-		await waitFor(() =>
-			expect(patchSpy).toHaveBeenCalledWith({
-				description: 'Updated description',
-			}),
-		);
-
-		await waitFor(() =>
-			expect(
-				screen.queryByText('Edit Role Details', {
-					selector: '.ant-modal-title',
-				}),
-			).not.toBeInTheDocument(),
-		);
-
-		expect(await screen.findByText('Updated description')).toBeInTheDocument();
-	});
-
-	it('delete flow: modal shows role name, DELETE called on confirm', async () => {
-		const deleteSpy = jest.fn();
-
-		setupDefaultHandlers();
-		server.use(
-			rest.delete(`${rolesApiBase}/:id`, (_req, res, ctx) => {
-				deleteSpy();
-				return res(ctx.status(200), ctx.json({ status: 'success' }));
-			}),
-		);
-
-		const user = userEvent.setup({ pointerEventsCheck: 0 });
-
-		render(<RoleDetailsPage />, undefined, {
-			initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
-		});
-
-		await screen.findByText('Role — billing-manager');
-
-		await user.click(screen.getByRole('button', { name: /delete role/i }));
-
-		expect(
-			await screen.findByText(/Are you sure you want to delete the role/),
-		).toBeInTheDocument();
-
-		const dialog = await screen.findByRole('dialog');
-		await user.click(
-			within(dialog).getByRole('button', { name: /delete role/i }),
-		);
-
-		await waitFor(() => expect(deleteSpy).toHaveBeenCalled());
-
-		await waitFor(() =>
-			expect(
-				screen.queryByText(/Are you sure you want to delete the role/),
-			).not.toBeInTheDocument(),
-		);
-	});
-
-	describe('permission side panel', () => {
-		async function openCreatePanel(
-			user: ReturnType<typeof userEvent.setup>,
-		): Promise<void> {
-			await screen.findByText('Role — billing-manager');
-			await user.click(screen.getByText('Create'));
-			await screen.findByText('Edit Create Permissions');
-			await screen.findByRole('button', { name: /dashboard/i });
-		}
-
-		it('Save Changes is disabled until a resource scope is changed', async () => {
-			setupDefaultHandlers();
-			server.use(
-				rest.get(
-					`${rolesApiBase}/:id/relation/:relation/objects`,
-					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
-				),
-			);
-
-			const user = userEvent.setup({ pointerEventsCheck: 0 });
-
-			render(<RoleDetailsPage />, undefined, {
-				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
-			});
-
-			await openCreatePanel(user);
-
-			// No change yet — config matches initial, unsavedCount = 0
-			expect(screen.getByRole('button', { name: /save changes/i })).toBeDisabled();
-
-			// Expand Dashboard and flip to All — now Save is enabled
-			await user.click(screen.getByRole('button', { name: /dashboard/i }));
-			await user.click(screen.getByText('All'));
-
-			expect(
-				screen.getByRole('button', { name: /save changes/i }),
-			).not.toBeDisabled();
-
-			// check for what shown now - unsavedCount = 1
-			expect(screen.getByText('1 unsaved change')).toBeInTheDocument();
-		});
-
-		it('set scope to All → patchObjects additions: ["*"], deletions: null', async () => {
-			const patchSpy = jest.fn();
-
-			setupDefaultHandlers();
-			server.use(
-				rest.get(
-					`${rolesApiBase}/:id/relation/:relation/objects`,
-					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
-				),
-				rest.patch(
-					`${rolesApiBase}/:id/relation/:relation/objects`,
-					async (req, res, ctx) => {
-						patchSpy(await req.json());
-						return res(ctx.status(200), ctx.json({ status: 'success', data: null }));
-					},
-				),
-			);
-
-			const user = userEvent.setup({ pointerEventsCheck: 0 });
-
-			render(<RoleDetailsPage />, undefined, {
-				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
-			});
-
-			await openCreatePanel(user);
-
-			await user.click(screen.getByRole('button', { name: /dashboard/i }));
-			await user.click(screen.getByText('All'));
-			await user.click(screen.getByRole('button', { name: /save changes/i }));
-
-			await waitFor(() =>
-				expect(patchSpy).toHaveBeenCalledWith({
-					additions: [
-						{
-							resource: { name: 'dashboard', type: 'dashboard' },
-							selectors: ['*'],
-						},
-					],
-					deletions: null,
-				}),
-			);
-		});
-
-		it('set scope to Only selected with IDs → patchObjects additions contain those IDs', async () => {
-			const patchSpy = jest.fn();
-
-			setupDefaultHandlers();
-			server.use(
-				rest.get(
-					`${rolesApiBase}/:id/relation/:relation/objects`,
-					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
-				),
-				rest.patch(
-					`${rolesApiBase}/:id/relation/:relation/objects`,
-					async (req, res, ctx) => {
-						patchSpy(await req.json());
-						return res(ctx.status(200), ctx.json({ status: 'success', data: null }));
-					},
-				),
-			);
-
-			const user = userEvent.setup({ pointerEventsCheck: 0 });
-
-			render(<RoleDetailsPage />, undefined, {
-				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
-			});
-
-			await openCreatePanel(user);
-
-			await user.click(screen.getByRole('button', { name: /dashboard/i }));
-
-			const combobox = screen.getByRole('combobox');
-			await user.click(combobox);
-			await user.type(combobox, 'dash-1');
-			await user.keyboard('{Enter}');
-
-			await user.click(screen.getByRole('button', { name: /save changes/i }));
-
-			await waitFor(() =>
-				expect(patchSpy).toHaveBeenCalledWith({
-					additions: [
-						{
-							resource: { name: 'dashboard', type: 'dashboard' },
-							selectors: ['dash-1'],
-						},
-					],
-					deletions: null,
-				}),
-			);
-		});
-
-		it('existing All scope changed to Only selected (empty) → patchObjects deletions: ["*"], additions: null', async () => {
-			const patchSpy = jest.fn();
-
-			setupDefaultHandlers();
-			server.use(
-				rest.get(
-					`${rolesApiBase}/:id/relation/:relation/objects`,
-					(_req, res, ctx) =>
-						res(ctx.status(200), ctx.json(allScopeObjectsResponse)),
-				),
-				rest.patch(
-					`${rolesApiBase}/:id/relation/:relation/objects`,
-					async (req, res, ctx) => {
-						patchSpy(await req.json());
-						return res(ctx.status(200), ctx.json({ status: 'success', data: null }));
-					},
-				),
-			);
-
-			const user = userEvent.setup({ pointerEventsCheck: 0 });
-
-			render(<RoleDetailsPage />, undefined, {
-				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
-			});
-
-			await openCreatePanel(user);
-
-			await user.click(screen.getByRole('button', { name: /dashboard/i }));
-
-			await user.click(screen.getByText('Only selected'));
-			await user.click(screen.getByRole('button', { name: /save changes/i }));
-
-			// Should delete the '*' selector and add nothing
-			await waitFor(() =>
-				expect(patchSpy).toHaveBeenCalledWith({
-					additions: null,
-					deletions: [
-						{
-							resource: { name: 'dashboard', type: 'dashboard' },
-							selectors: ['*'],
-						},
-					],
-				}),
-			);
-		});
-
-		it('unsaved changes counter shown on scope change, Discard resets it', async () => {
-			setupDefaultHandlers();
-			server.use(
-				rest.get(
-					`${rolesApiBase}/:id/relation/:relation/objects`,
-					(_req, res, ctx) => res(ctx.status(200), ctx.json(emptyObjectsResponse)),
-				),
-			);
-
-			const user = userEvent.setup({ pointerEventsCheck: 0 });
-
-			render(<RoleDetailsPage />, undefined, {
-				initialRoute: `/settings/roles/${CUSTOM_ROLE_ID}`,
-			});
-
-			await openCreatePanel(user);
-
-			// No unsaved changes indicator yet
-			expect(screen.queryByText(/unsaved change/)).not.toBeInTheDocument();
-
-			// Change dashboard scope to "All"
-			await user.click(screen.getByRole('button', { name: /dashboard/i }));
-			await user.click(screen.getByText('All'));
-
-			expect(screen.getByText('1 unsaved change')).toBeInTheDocument();
-
-			// Discard reverts to initial config — counter disappears, Save re-disabled
-			await user.click(screen.getByRole('button', { name: /discard/i }));
-
-			expect(screen.queryByText(/unsaved change/)).not.toBeInTheDocument();
-			expect(screen.getByRole('button', { name: /save changes/i })).toBeDisabled();
-		});
-	});
-});

frontend/src/container/RolesSettings/RoleDetails/components/MembersTab.tsx

@@ -1,44 +0,0 @@
-import { useState } from 'react';
-import { Search } from '@signozhq/icons';
-
-function MembersTab(): JSX.Element {
-	const [searchQuery, setSearchQuery] = useState('');
-
-	return (
-		<div className="role-details-members">
-			<div className="role-details-members-search">
-				<Search size={12} className="role-details-members-search-icon" />
-				<input
-					type="text"
-					className="role-details-members-search-input"
-					placeholder="Search and add members..."
-					value={searchQuery}
-					onChange={(e): void => setSearchQuery(e.target.value)}
-				/>
-			</div>
-
-			{/* Todo: Right now we are only adding the empty state in this cut */}
-			<div className="role-details-members-content">
-				<div className="role-details-members-empty-state">
-					<span
-						className="role-details-members-empty-emoji"
-						role="img"
-						aria-label="monocle face"
-					>
-						🧐
-					</span>
-					<p className="role-details-members-empty-text">
-						<span className="role-details-members-empty-text--bold">
-							No members added.
-						</span>{' '}
-						<span className="role-details-members-empty-text--muted">
-							Start adding members to this role.
-						</span>
-					</p>
-				</div>
-			</div>
-		</div>
-	);
-}
-
-export default MembersTab;

frontend/src/container/RolesSettings/RoleDetails/components/OverviewTab.tsx

@@ -1,76 +0,0 @@
-import { Callout } from '@signozhq/callout';
-
-import { PermissionType, TimestampBadge } from '../../utils';
-import PermissionItem from './PermissionItem';
-
-interface OverviewTabProps {
-	role: {
-		description?: string;
-		createdAt?: Date | string;
-		updatedAt?: Date | string;
-	} | null;
-	isManaged: boolean;
-	permissionTypes: PermissionType[];
-	onPermissionClick: (relationKey: string) => void;
-}
-
-function OverviewTab({
-	role,
-	isManaged,
-	permissionTypes,
-	onPermissionClick,
-}: OverviewTabProps): JSX.Element {
-	return (
-		<div className="role-details-overview">
-			{isManaged && (
-				<Callout
-					type="warning"
-					showIcon
-					message="This is a managed role. Permissions and settings are view-only and cannot be modified."
-				/>
-			)}
-
-			<div className="role-details-meta">
-				<div>
-					<p className="role-details-section-label">Description</p>
-					<p className="role-details-description-text">{role?.description || '—'}</p>
-				</div>
-
-				<div className="role-details-info-row">
-					<div className="role-details-info-col">
-						<p className="role-details-section-label">Created At</p>
-						<div className="role-details-info-value">
-							<TimestampBadge date={role?.createdAt} />
-						</div>
-					</div>
-					<div className="role-details-info-col">
-						<p className="role-details-section-label">Last Modified At</p>
-						<div className="role-details-info-value">
-							<TimestampBadge date={role?.updatedAt} />
-						</div>
-					</div>
-				</div>
-			</div>
-
-			<div className="role-details-permissions">
-				<div className="role-details-permissions-header">
-					<span className="role-details-section-label">Permissions</span>
-					<hr className="role-details-permissions-divider" />
-				</div>
-
-				<div className="role-details-permission-list">
-					{permissionTypes.map((permissionType) => (
-						<PermissionItem
-							key={permissionType.key}
-							permissionType={permissionType}
-							isManaged={isManaged}
-							onPermissionClick={onPermissionClick}
-						/>
-					))}
-				</div>
-			</div>
-		</div>
-	);
-}
-
-export default OverviewTab;

frontend/src/container/RolesSettings/RoleDetails/components/PermissionItem.tsx

@@ -1,54 +0,0 @@
-import { ChevronRight } from '@signozhq/icons';
-
-import { PermissionType } from '../../utils';
-
-interface PermissionItemProps {
-	permissionType: PermissionType;
-	isManaged: boolean;
-	onPermissionClick: (key: string) => void;
-}
-
-function PermissionItem({
-	permissionType,
-	isManaged,
-	onPermissionClick,
-}: PermissionItemProps): JSX.Element {
-	const { key, label, icon } = permissionType;
-
-	if (isManaged) {
-		return (
-			<div
-				key={key}
-				className="role-details-permission-item role-details-permission-item--readonly"
-			>
-				<div className="role-details-permission-item-left">
-					{icon}
-					<span className="role-details-permission-item-label">{label}</span>
-				</div>
-			</div>
-		);
-	}
-
-	return (
-		<div
-			key={key}
-			className="role-details-permission-item"
-			role="button"
-			tabIndex={0}
-			onClick={(): void => onPermissionClick(key)}
-			onKeyDown={(e): void => {
-				if (e.key === 'Enter' || e.key === ' ') {
-					onPermissionClick(key);
-				}
-			}}
-		>
-			<div className="role-details-permission-item-left">
-				{icon}
-				<span className="role-details-permission-item-label">{label}</span>
-			</div>
-			<ChevronRight size={14} color="var(--foreground)" />
-		</div>
-	);
-}
-
-export default PermissionItem;

frontend/src/container/RolesSettings/RoleDetails/constants.ts

@@ -1,22 +0,0 @@
-import {
-	BadgePlus,
-	Eye,
-	LayoutList,
-	PencilRuler,
-	Settings,
-	Trash2,
-} from '@signozhq/icons';
-
-export const ROLE_ID_REGEX = /\/settings\/roles\/([^/]+)/;
-
-export type IconComponent = React.ComponentType<any>;
-
-export const PERMISSION_ICON_MAP: Record<string, IconComponent> = {
-	create: BadgePlus,
-	list: LayoutList,
-	read: Eye,
-	update: PencilRuler,
-	delete: Trash2,
-};
-
-export const FALLBACK_PERMISSION_ICON: IconComponent = Settings;

frontend/src/container/RolesSettings/RoleDetails/index.tsx

@@ -1 +0,0 @@
-export { default } from './RoleDetailsPage';

frontend/src/container/RolesSettings/RolesComponents/CreateRoleModal.tsx

@@ -1,191 +0,0 @@
-import { useCallback, useEffect, useRef } from 'react';
-import { useQueryClient } from 'react-query';
-import { generatePath, useHistory } from 'react-router-dom';
-import { Button } from '@signozhq/button';
-import { X } from '@signozhq/icons';
-import { Input, inputVariants } from '@signozhq/input';
-import { toast } from '@signozhq/sonner';
-import { Form, Modal } from 'antd';
-import { ErrorResponseHandlerV2 } from 'api/ErrorResponseHandlerV2';
-import {
-	invalidateGetRole,
-	invalidateListRoles,
-	useCreateRole,
-	usePatchRole,
-} from 'api/generated/services/role';
-import type { RoletypesPostableRoleDTO } from 'api/generated/services/sigNoz.schemas';
-import { AxiosError } from 'axios';
-import ROUTES from 'constants/routes';
-import { useErrorModal } from 'providers/ErrorModalProvider';
-import { ErrorV2Resp } from 'types/api';
-import APIError from 'types/api/error';
-
-import '../RolesSettings.styles.scss';
-
-export interface CreateRoleModalInitialData {
-	id: string;
-	name: string;
-	description?: string;
-}
-
-interface CreateRoleModalProps {
-	isOpen: boolean;
-	onClose: () => void;
-	initialData?: CreateRoleModalInitialData;
-}
-
-interface CreateRoleFormValues {
-	name: string;
-	description?: string;
-}
-
-function CreateRoleModal({
-	isOpen,
-	onClose,
-	initialData,
-}: CreateRoleModalProps): JSX.Element {
-	const [form] = Form.useForm<CreateRoleFormValues>();
-	const queryClient = useQueryClient();
-	const history = useHistory();
-	const { showErrorModal } = useErrorModal();
-
-	const isEditMode = !!initialData?.id;
-	const prevIsOpen = useRef(isOpen);
-
-	useEffect(() => {
-		if (isOpen && !prevIsOpen.current) {
-			if (isEditMode && initialData) {
-				form.setFieldsValue({
-					name: initialData.name,
-					description: initialData.description || '',
-				});
-			} else {
-				form.resetFields();
-			}
-		}
-		prevIsOpen.current = isOpen;
-	}, [isOpen, isEditMode, initialData, form]);
-
-	const handleSuccess = async (
-		message: string,
-		redirectPath?: string,
-	): Promise<void> => {
-		await invalidateListRoles(queryClient);
-		if (isEditMode && initialData?.id) {
-			await invalidateGetRole(queryClient, { id: initialData.id });
-		}
-		toast.success(message);
-		form.resetFields();
-		onClose();
-		if (redirectPath) {
-			history.push(redirectPath);
-		}
-	};
-
-	const handleError = (error: unknown): void => {
-		try {
-			ErrorResponseHandlerV2(error as AxiosError<ErrorV2Resp>);
-		} catch (apiError) {
-			showErrorModal(apiError as APIError);
-		}
-	};
-
-	const { mutate: createRole, isLoading: isCreating } = useCreateRole({
-		mutation: {
-			onSuccess: (res) =>
-				handleSuccess(
-					'Role created successfully',
-					generatePath(ROUTES.ROLE_DETAILS, { roleId: res.data.id }),
-				),
-			onError: handleError,
-		},
-	});
-
-	const { mutate: patchRole, isLoading: isPatching } = usePatchRole({
-		mutation: {
-			onSuccess: () => handleSuccess('Role updated successfully'),
-			onError: handleError,
-		},
-	});
-
-	const onSubmit = useCallback(async (): Promise<void> => {
-		try {
-			const values = await form.validateFields();
-			if (isEditMode && initialData?.id) {
-				patchRole({
-					pathParams: { id: initialData.id },
-					data: { description: values.description || '' },
-				});
-			} else {
-				const data: RoletypesPostableRoleDTO = {
-					name: values.name,
-					...(values.description ? { description: values.description } : {}),
-				};
-				createRole({ data });
-			}
-		} catch {
-			// form validation failed; antd handles inline error display
-		}
-	}, [form, createRole, patchRole, isEditMode, initialData]);
-
-	const onCancel = useCallback((): void => {
-		form.resetFields();
-		onClose();
-	}, [form, onClose]);
-
-	const isLoading = isCreating || isPatching;
-
-	return (
-		<Modal
-			open={isOpen}
-			onCancel={onCancel}
-			title={isEditMode ? 'Edit Role Details' : 'Create a New Role'}
-			footer={[
-				<Button
-					key="cancel"
-					variant="solid"
-					color="secondary"
-					onClick={onCancel}
-					size="sm"
-				>
-					<X size={14} />
-					Cancel
-				</Button>,
-				<Button
-					key="submit"
-					variant="solid"
-					color="primary"
-					onClick={onSubmit}
-					loading={isLoading}
-					size="sm"
-				>
-					{isEditMode ? 'Save Changes' : 'Create Role'}
-				</Button>,
-			]}
-			destroyOnClose
-			className="create-role-modal"
-			width={530}
-		>
-			<Form form={form} layout="vertical" className="create-role-form">
-				<Form.Item
-					name="name"
-					label="Name"
-					rules={[{ required: true, message: 'Role name is required' }]}
-				>
-					<Input
-						disabled={isEditMode}
-						placeholder="Enter role name e.g. : Service Owner"
-					/>
-				</Form.Item>
-				<Form.Item name="description" label="Description">
-					<textarea
-						className={inputVariants()}
-						placeholder="A helpful description of the role"
-					/>
-				</Form.Item>
-			</Form>
-		</Modal>
-	);
-}
-
-export default CreateRoleModal;

frontend/src/container/RolesSettings/RolesComponents/DeleteRoleModal.tsx

@@ -1,62 +0,0 @@
-import { Button } from '@signozhq/button';
-import { Trash2, X } from '@signozhq/icons';
-import { Modal } from 'antd';
-
-interface DeleteRoleModalProps {
-	isOpen: boolean;
-	roleName: string;
-	isDeleting: boolean;
-	onCancel: () => void;
-	onConfirm: () => void;
-}
-
-function DeleteRoleModal({
-	isOpen,
-	roleName,
-	isDeleting,
-	onCancel,
-	onConfirm,
-}: DeleteRoleModalProps): JSX.Element {
-	return (
-		<Modal
-			open={isOpen}
-			onCancel={onCancel}
-			title={<span className="title">Delete Role</span>}
-			closable
-			footer={[
-				<Button
-					key="cancel"
-					className="cancel-btn"
-					prefixIcon={<X size={16} />}
-					onClick={onCancel}
-					size="sm"
-					variant="solid"
-					color="secondary"
-				>
-					Cancel
-				</Button>,
-				<Button
-					key="delete"
-					className="delete-btn"
-					prefixIcon={<Trash2 size={16} />}
-					onClick={onConfirm}
-					loading={isDeleting}
-					size="sm"
-					variant="solid"
-					color="destructive"
-				>
-					Delete Role
-				</Button>,
-			]}
-			destroyOnClose
-			className="role-details-delete-modal"
-		>
-			<p className="delete-text">
-				Are you sure you want to delete the role <strong>{roleName}</strong>? This
-				action cannot be undone.
-			</p>
-		</Modal>
-	);
-}
-
-export default DeleteRoleModal;

frontend/src/container/RolesSettings/RolesComponents/RolesListingTable.tsx

@@ -5,15 +5,11 @@ import { useListRoles } from 'api/generated/services/role';
 import { RoletypesRoleDTO } from 'api/generated/services/sigNoz.schemas';
 import ErrorInPlace from 'components/ErrorInPlace/ErrorInPlace';
 import { DATE_TIME_FORMATS } from 'constants/dateTimeFormats';
-import ROUTES from 'constants/routes';
 import useUrlQuery from 'hooks/useUrlQuery';
 import LineClampedText from 'periscope/components/LineClampedText/LineClampedText';
 import { useTimezone } from 'providers/Timezone';
-import { RoleType } from 'types/roles';
 import { toAPIError } from 'utils/errorUtils';
 
-import { IS_ROLE_DETAILS_AND_CRUD_ENABLED } from '../config';
-
 import '../RolesSettings.styles.scss';
 
 const PAGE_SIZE = 20;
@@ -72,15 +68,11 @@ function RolesListingTable({
 	}, [roles, searchQuery]);
 
 	const managedRoles = useMemo(
-		() =>
-			filteredRoles.filter(
-				(role) => role.type?.toLowerCase() === RoleType.MANAGED,
-			),
+		() => filteredRoles.filter((role) => role.type?.toLowerCase() === 'managed'),
 		[filteredRoles],
 	);
 	const customRoles = useMemo(
-		() =>
-			filteredRoles.filter((role) => role.type?.toLowerCase() === RoleType.CUSTOM),
+		() => filteredRoles.filter((role) => role.type?.toLowerCase() === 'custom'),
 		[filteredRoles],
 	);
 
@@ -182,34 +174,9 @@ function RolesListingTable({
 		);
 	}
 
-	const navigateToRole = (roleId: string): void => {
-		history.push(ROUTES.ROLE_DETAILS.replace(':roleId', roleId));
-	};
-
 	// todo: use table from periscope when its available for consumption
 	const renderRow = (role: RoletypesRoleDTO): JSX.Element => (
-		<div
-			key={role.id}
-			className={`roles-table-row ${
-				IS_ROLE_DETAILS_AND_CRUD_ENABLED ? 'roles-table-row--clickable' : ''
-			}`}
-			role="button"
-			tabIndex={IS_ROLE_DETAILS_AND_CRUD_ENABLED ? 0 : -1}
-			onClick={(): void => {
-				if (IS_ROLE_DETAILS_AND_CRUD_ENABLED && role.id) {
-					navigateToRole(role.id);
-				}
-			}}
-			onKeyDown={(e): void => {
-				if (
-					IS_ROLE_DETAILS_AND_CRUD_ENABLED &&
-					(e.key === 'Enter' || e.key === ' ') &&
-					role.id
-				) {
-					navigateToRole(role.id);
-				}
-			}}
-		>
+		<div key={role.id} className="roles-table-row">
 			<div className="roles-table-cell roles-table-cell--name">
 				{role.name ?? '—'}
 			</div>

frontend/src/container/RolesSettings/RolesSettings.styles.scss

@@ -2,7 +2,6 @@
 	.roles-settings-header {
 		display: flex;
 		flex-direction: column;
-		align-items: flex-start;
 		gap: 4px;
 		width: 100%;
 		padding: 16px;
@@ -32,28 +31,8 @@
 		padding: 0 16px;
 	}
 
-	.roles-settings-toolbar {
-		display: flex;
-		align-items: center;
-		gap: 8px;
-		margin-bottom: 12px;
-
-		.role-settings-toolbar-button {
-			display: flex;
-			width: 156px;
-			height: 32px;
-			padding: 6px 12px;
-			justify-content: center;
-			align-items: center;
-			gap: 6px;
-			border-radius: 2px;
-		}
-	}
-
 	// todo: https://github.com/SigNoz/components/issues/116
 	.roles-search-wrapper {
-		flex: 1;
-
 		input {
 			width: 100%;
 			background: var(--l3-background);
@@ -174,14 +153,6 @@
 	background: rgba(171, 189, 255, 0.02);
 	border-bottom: 1px solid var(--secondary);
 	gap: 24px;
-
-	&--clickable {
-		cursor: pointer;
-
-		&:hover {
-			background: rgba(171, 189, 255, 0.05);
-		}
-	}
 }
 
 .roles-table-cell {
@@ -264,136 +235,4 @@
 	.roles-table-row {
 		background: rgba(0, 0, 0, 0.01);
 	}
-
-	.create-role-modal {
-		.ant-modal-title {
-			color: var(--text-base-black);
-		}
-	}
-}
-
-.create-role-modal {
-	.ant-modal-content {
-		padding: 0;
-		background: var(--l2-background);
-		border: 1px solid var(--secondary);
-		border-radius: 4px;
-	}
-
-	.ant-modal-header {
-		background: var(--l2-background);
-		border-bottom: 1px solid var(--secondary);
-		padding: 16px;
-		margin-bottom: 0;
-	}
-
-	.ant-modal-close {
-		top: 14px;
-		inset-inline-end: 16px;
-		width: 14px;
-		height: 14px;
-		color: var(--foreground);
-
-		.ant-modal-close-x {
-			font-size: 12px;
-			display: flex;
-			align-items: center;
-			justify-content: center;
-		}
-	}
-
-	.ant-modal-title {
-		color: var(--text-base-white);
-		font-family: Inter;
-		font-size: 13px;
-		font-weight: 400;
-		line-height: 1;
-		letter-spacing: -0.065px;
-	}
-
-	.ant-modal-body {
-		padding: 16px;
-	}
-
-	.create-role-form {
-		display: flex;
-		flex-direction: column;
-		gap: 16px;
-
-		.ant-form-item {
-			margin-bottom: 0;
-		}
-
-		.ant-form-item-label {
-			padding-bottom: 8px;
-
-			label {
-				color: var(--foreground);
-				font-family: Inter;
-				font-size: 14px;
-				font-weight: 400;
-				line-height: 20px;
-			}
-		}
-
-		// todo: https://github.com/SigNoz/components/issues/116
-		input,
-		textarea {
-			width: 100%;
-			background: var(--l3-background);
-			border: 1px solid var(--l3-border);
-			border-radius: 2px;
-			padding: 6px 8px;
-			font-family: Inter;
-			font-size: 14px;
-			font-weight: 400;
-			line-height: 18px;
-			letter-spacing: -0.07px;
-			color: var(--l1-foreground);
-			outline: none;
-			box-shadow: none;
-
-			&::placeholder {
-				color: var(--l3-foreground);
-				opacity: 0.4;
-			}
-
-			&:focus,
-			&:hover {
-				border-color: var(--input);
-				box-shadow: none;
-			}
-		}
-
-		input {
-			height: 32px;
-		}
-
-		input:disabled {
-			opacity: 0.5;
-			cursor: not-allowed;
-
-			&:hover {
-				border-color: var(--l3-border);
-				box-shadow: none;
-			}
-		}
-
-		textarea {
-			min-height: 100px;
-			resize: vertical;
-		}
-	}
-
-	.ant-modal-footer {
-		display: flex;
-		flex-direction: row;
-		align-items: center;
-		justify-content: flex-end;
-		gap: 12px;
-		margin: 0;
-		padding: 0 16px;
-		height: 56px;
-		border-top: 1px solid var(--secondary);
-	}
 }

frontend/src/container/RolesSettings/RolesSettings.tsx

@@ -1,17 +1,12 @@
 import { useState } from 'react';
-import { Button } from '@signozhq/button';
-import { Plus } from '@signozhq/icons';
 import { Input } from '@signozhq/input';
 
-import { IS_ROLE_DETAILS_AND_CRUD_ENABLED } from './config';
-import CreateRoleModal from './RolesComponents/CreateRoleModal';
 import RolesListingTable from './RolesComponents/RolesListingTable';
 
 import './RolesSettings.styles.scss';
 
 function RolesSettings(): JSX.Element {
 	const [searchQuery, setSearchQuery] = useState('');
-	const [isCreateModalOpen, setIsCreateModalOpen] = useState(false);
 
 	return (
 		<div className="roles-settings" data-testid="roles-settings">
@@ -22,33 +17,16 @@ function RolesSettings(): JSX.Element {
 				</p>
 			</div>
 			<div className="roles-settings-content">
-				<div className="roles-settings-toolbar">
-					<div className="roles-search-wrapper">
-						<Input
-							type="search"
-							placeholder="Search for roles..."
-							value={searchQuery}
-							onChange={(e): void => setSearchQuery(e.target.value)}
-						/>
-					</div>
-					{IS_ROLE_DETAILS_AND_CRUD_ENABLED && (
-						<Button
-							variant="solid"
-							color="primary"
-							className="role-settings-toolbar-button"
-							onClick={(): void => setIsCreateModalOpen(true)}
-						>
-							<Plus size={14} />
-							Custom role
-						</Button>
-					)}
+				<div className="roles-search-wrapper">
+					<Input
+						type="search"
+						placeholder="Search for roles..."
+						value={searchQuery}
+						onChange={(e): void => setSearchQuery(e.target.value)}
+					/>
 				</div>
 				<RolesListingTable searchQuery={searchQuery} />
 			</div>
-			<CreateRoleModal
-				isOpen={isCreateModalOpen}
-				onClose={(): void => setIsCreateModalOpen(false)}
-			/>
 		</div>
 	);
 }

frontend/src/container/RolesSettings/__tests__/utils.test.ts

@@ -1,384 +0,0 @@
-import type {
-	AuthtypesGettableObjectsDTO,
-	AuthtypesGettableResourcesDTO,
-} from 'api/generated/services/sigNoz.schemas';
-
-import type {
-	PermissionConfig,
-	ResourceDefinition,
-} from '../PermissionSidePanel/PermissionSidePanel.types';
-import { PermissionScope } from '../PermissionSidePanel/PermissionSidePanel.types';
-import {
-	buildConfig,
-	buildPatchPayload,
-	configsEqual,
-	DEFAULT_RESOURCE_CONFIG,
-	derivePermissionTypes,
-	deriveResourcesForRelation,
-	objectsToPermissionConfig,
-} from '../utils';
-
-jest.mock('../RoleDetails/constants', () => {
-	const MockIcon = (): null => null;
-	return {
-		PERMISSION_ICON_MAP: {
-			create: MockIcon,
-			list: MockIcon,
-			read: MockIcon,
-			update: MockIcon,
-			delete: MockIcon,
-		},
-		FALLBACK_PERMISSION_ICON: MockIcon,
-		ROLE_ID_REGEX: /\/settings\/roles\/([^/]+)/,
-	};
-});
-
-const dashboardResource: AuthtypesGettableResourcesDTO['resources'][number] = {
-	name: 'dashboard',
-	type: 'metaresource',
-};
-
-const alertResource: AuthtypesGettableResourcesDTO['resources'][number] = {
-	name: 'alert',
-	type: 'metaresource',
-};
-
-const baseAuthzResources: AuthtypesGettableResourcesDTO = {
-	resources: [dashboardResource, alertResource],
-	relations: {
-		create: ['metaresource'],
-		read: ['metaresource'],
-	},
-};
-
-const resourceDefs: ResourceDefinition[] = [
-	{ id: 'dashboard', label: 'Dashboard' },
-	{ id: 'alert', label: 'Alert' },
-];
-
-const ID_A = 'aaaaaaaa-0000-0000-0000-000000000001';
-const ID_B = 'bbbbbbbb-0000-0000-0000-000000000002';
-const ID_C = 'cccccccc-0000-0000-0000-000000000003';
-
-describe('buildPatchPayload', () => {
-	it('sends only the added selector as an addition', () => {
-		const initial: PermissionConfig = {
-			dashboard: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [ID_A] },
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-		const newConfig: PermissionConfig = {
-			dashboard: {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [ID_A, ID_B],
-			},
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-
-		const result = buildPatchPayload({
-			newConfig,
-			initialConfig: initial,
-			resources: resourceDefs,
-			authzRes: baseAuthzResources,
-		});
-
-		expect(result.additions).toEqual([
-			{ resource: dashboardResource, selectors: [ID_B] },
-		]);
-		expect(result.deletions).toBeNull();
-	});
-
-	it('sends only the removed selector as a deletion', () => {
-		const initial: PermissionConfig = {
-			dashboard: {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [ID_A, ID_B, ID_C],
-			},
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-		const newConfig: PermissionConfig = {
-			dashboard: {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [ID_A, ID_C],
-			},
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-
-		const result = buildPatchPayload({
-			newConfig,
-			initialConfig: initial,
-			resources: resourceDefs,
-			authzRes: baseAuthzResources,
-		});
-
-		expect(result.deletions).toEqual([
-			{ resource: dashboardResource, selectors: [ID_B] },
-		]);
-		expect(result.additions).toBeNull();
-	});
-
-	it('treats selector order as irrelevant — produces no payload when IDs are identical', () => {
-		const initial: PermissionConfig = {
-			dashboard: {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [ID_A, ID_B],
-			},
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-		const newConfig: PermissionConfig = {
-			dashboard: {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [ID_B, ID_A],
-			},
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-
-		const result = buildPatchPayload({
-			newConfig,
-			initialConfig: initial,
-			resources: resourceDefs,
-			authzRes: baseAuthzResources,
-		});
-
-		expect(result.additions).toBeNull();
-		expect(result.deletions).toBeNull();
-	});
-
-	it('replaces wildcard with specific IDs when switching all → only_selected', () => {
-		const initial: PermissionConfig = {
-			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-		const newConfig: PermissionConfig = {
-			dashboard: {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [ID_A, ID_B],
-			},
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-
-		const result = buildPatchPayload({
-			newConfig,
-			initialConfig: initial,
-			resources: resourceDefs,
-			authzRes: baseAuthzResources,
-		});
-
-		expect(result.deletions).toEqual([
-			{ resource: dashboardResource, selectors: ['*'] },
-		]);
-		expect(result.additions).toEqual([
-			{ resource: dashboardResource, selectors: [ID_A, ID_B] },
-		]);
-	});
-
-	it('only deletes wildcard when switching all → only_selected with empty selector list', () => {
-		const initial: PermissionConfig = {
-			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-		const newConfig: PermissionConfig = {
-			dashboard: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-
-		const result = buildPatchPayload({
-			newConfig,
-			initialConfig: initial,
-			resources: resourceDefs,
-			authzRes: baseAuthzResources,
-		});
-
-		expect(result.deletions).toEqual([
-			{ resource: dashboardResource, selectors: ['*'] },
-		]);
-		expect(result.additions).toBeNull();
-	});
-
-	it('only includes resources that actually changed', () => {
-		const initial: PermissionConfig = {
-			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [ID_A] },
-		};
-		const newConfig: PermissionConfig = {
-			dashboard: { scope: PermissionScope.ALL, selectedIds: [] }, // unchanged
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [ID_A, ID_B] }, // added ID_B
-		};
-
-		const result = buildPatchPayload({
-			newConfig,
-			initialConfig: initial,
-			resources: resourceDefs,
-			authzRes: baseAuthzResources,
-		});
-
-		expect(result.additions).toEqual([
-			{ resource: alertResource, selectors: [ID_B] },
-		]);
-		expect(result.deletions).toBeNull();
-	});
-});
-
-describe('objectsToPermissionConfig', () => {
-	it('maps a wildcard selector to ALL scope', () => {
-		const objects: AuthtypesGettableObjectsDTO[] = [
-			{ resource: dashboardResource, selectors: ['*'] },
-		];
-
-		const result = objectsToPermissionConfig(objects, resourceDefs);
-
-		expect(result.dashboard).toEqual({
-			scope: PermissionScope.ALL,
-			selectedIds: [],
-		});
-	});
-
-	it('maps specific selectors to ONLY_SELECTED scope with the IDs', () => {
-		const objects: AuthtypesGettableObjectsDTO[] = [
-			{ resource: dashboardResource, selectors: [ID_A, ID_B] },
-		];
-
-		const result = objectsToPermissionConfig(objects, resourceDefs);
-
-		expect(result.dashboard).toEqual({
-			scope: PermissionScope.ONLY_SELECTED,
-			selectedIds: [ID_A, ID_B],
-		});
-	});
-
-	it('defaults to ONLY_SELECTED with empty selectedIds when resource is absent from API response', () => {
-		const result = objectsToPermissionConfig([], resourceDefs);
-
-		expect(result.dashboard).toEqual({
-			scope: PermissionScope.ONLY_SELECTED,
-			selectedIds: [],
-		});
-		expect(result.alert).toEqual({
-			scope: PermissionScope.ONLY_SELECTED,
-			selectedIds: [],
-		});
-	});
-});
-
-describe('configsEqual', () => {
-	it('returns true for identical configs', () => {
-		const config: PermissionConfig = {
-			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
-			alert: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [ID_A] },
-		};
-
-		expect(configsEqual(config, { ...config })).toBe(true);
-	});
-
-	it('returns false when configs differ', () => {
-		const a: PermissionConfig = {
-			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
-		};
-		const b: PermissionConfig = {
-			dashboard: { scope: PermissionScope.ONLY_SELECTED, selectedIds: [] },
-		};
-
-		expect(configsEqual(a, b)).toBe(false);
-
-		const c: PermissionConfig = {
-			dashboard: {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [ID_C, ID_B],
-			},
-		};
-		const d: PermissionConfig = {
-			dashboard: {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [ID_A, ID_B],
-			},
-		};
-
-		expect(configsEqual(c, d)).toBe(false);
-	});
-
-	it('returns true when selectedIds are the same but in different order', () => {
-		const a: PermissionConfig = {
-			dashboard: {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [ID_A, ID_B],
-			},
-		};
-		const b: PermissionConfig = {
-			dashboard: {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [ID_B, ID_A],
-			},
-		};
-
-		expect(configsEqual(a, b)).toBe(true);
-	});
-});
-
-describe('buildConfig', () => {
-	it('uses initial values when provided and defaults for resources not in initial', () => {
-		const initial: PermissionConfig = {
-			dashboard: { scope: PermissionScope.ALL, selectedIds: [] },
-		};
-
-		const result = buildConfig(resourceDefs, initial);
-
-		expect(result.dashboard).toEqual({
-			scope: PermissionScope.ALL,
-			selectedIds: [],
-		});
-		expect(result.alert).toEqual(DEFAULT_RESOURCE_CONFIG);
-	});
-
-	it('applies DEFAULT_RESOURCE_CONFIG to all resources when no initial is provided', () => {
-		const result = buildConfig(resourceDefs);
-
-		expect(result.dashboard).toEqual(DEFAULT_RESOURCE_CONFIG);
-		expect(result.alert).toEqual(DEFAULT_RESOURCE_CONFIG);
-	});
-});
-
-describe('derivePermissionTypes', () => {
-	it('derives one PermissionType per relation key with correct key and capitalised label', () => {
-		const relations: AuthtypesGettableResourcesDTO['relations'] = {
-			create: ['metaresource'],
-			read: ['metaresource'],
-			delete: ['metaresource'],
-		};
-
-		const result = derivePermissionTypes(relations);
-
-		expect(result).toHaveLength(3);
-		expect(result.map((p) => p.key)).toEqual(['create', 'read', 'delete']);
-		expect(result[0].label).toBe('Create');
-	});
-
-	it('falls back to the default set of permission types when relations is null', () => {
-		const result = derivePermissionTypes(null);
-
-		expect(result.map((p) => p.key)).toEqual([
-			'create',
-			'list',
-			'read',
-			'update',
-			'delete',
-		]);
-	});
-});
-
-describe('deriveResourcesForRelation', () => {
-	it('returns resources whose type matches the relation', () => {
-		const result = deriveResourcesForRelation(baseAuthzResources, 'create');
-
-		expect(result).toHaveLength(2);
-		expect(result.map((r) => r.id)).toEqual(['dashboard', 'alert']);
-	});
-
-	it('returns an empty array when authzResources is null', () => {
-		expect(deriveResourcesForRelation(null, 'create')).toHaveLength(0);
-	});
-
-	it('returns an empty array when the relation is not defined in the map', () => {
-		expect(
-			deriveResourcesForRelation(baseAuthzResources, 'nonexistent'),
-		).toHaveLength(0);
-	});
-});

frontend/src/container/RolesSettings/config.ts

@@ -1 +0,0 @@
-export const IS_ROLE_DETAILS_AND_CRUD_ENABLED = false;

frontend/src/container/RolesSettings/utils.tsx

@@ -1,226 +0,0 @@
-import React from 'react';
-import { Badge } from '@signozhq/badge';
-import type {
-	AuthtypesGettableObjectsDTO,
-	AuthtypesGettableResourcesDTO,
-} from 'api/generated/services/sigNoz.schemas';
-import { DATE_TIME_FORMATS } from 'constants/dateTimeFormats';
-import { capitalize } from 'lodash-es';
-import { useTimezone } from 'providers/Timezone';
-
-import type {
-	PermissionConfig,
-	ResourceConfig,
-	ResourceDefinition,
-} from './PermissionSidePanel/PermissionSidePanel.types';
-import { PermissionScope } from './PermissionSidePanel/PermissionSidePanel.types';
-import {
-	FALLBACK_PERMISSION_ICON,
-	PERMISSION_ICON_MAP,
-} from './RoleDetails/constants';
-
-export interface PermissionType {
-	key: string;
-	label: string;
-	icon: JSX.Element;
-}
-
-export interface PatchPayloadOptions {
-	newConfig: PermissionConfig;
-	initialConfig: PermissionConfig;
-	resources: ResourceDefinition[];
-	authzRes: AuthtypesGettableResourcesDTO;
-}
-
-export function derivePermissionTypes(
-	relations: AuthtypesGettableResourcesDTO['relations'] | null,
-): PermissionType[] {
-	const iconSize = { size: 14 };
-
-	if (!relations) {
-		return Object.entries(PERMISSION_ICON_MAP).map(([key, IconComp]) => ({
-			key,
-			label: capitalize(key),
-			icon: React.createElement(IconComp, iconSize),
-		}));
-	}
-	return Object.keys(relations).map((key) => {
-		const IconComp = PERMISSION_ICON_MAP[key] ?? FALLBACK_PERMISSION_ICON;
-		return {
-			key,
-			label: capitalize(key),
-			icon: React.createElement(IconComp, iconSize),
-		};
-	});
-}
-
-export function deriveResourcesForRelation(
-	authzResources: AuthtypesGettableResourcesDTO | null,
-	relation: string,
-): ResourceDefinition[] {
-	if (!authzResources?.relations) {
-		return [];
-	}
-	const supportedTypes = authzResources.relations[relation] ?? [];
-	return authzResources.resources
-		.filter((r) => supportedTypes.includes(r.type))
-		.map((r) => ({
-			id: r.name,
-			label: capitalize(r.name).replace(/_/g, ' '),
-			options: [],
-		}));
-}
-
-export function objectsToPermissionConfig(
-	objects: AuthtypesGettableObjectsDTO[],
-	resources: ResourceDefinition[],
-): PermissionConfig {
-	const config: PermissionConfig = {};
-	for (const res of resources) {
-		const obj = objects.find((o) => o.resource.name === res.id);
-		if (!obj) {
-			config[res.id] = {
-				scope: PermissionScope.ONLY_SELECTED,
-				selectedIds: [],
-			};
-		} else {
-			const isAll = obj.selectors.includes('*');
-			config[res.id] = {
-				scope: isAll ? PermissionScope.ALL : PermissionScope.ONLY_SELECTED,
-				selectedIds: isAll ? [] : obj.selectors,
-			};
-		}
-	}
-	return config;
-}
-
-// eslint-disable-next-line sonarjs/cognitive-complexity
-export function buildPatchPayload({
-	newConfig,
-	initialConfig,
-	resources,
-	authzRes,
-}: PatchPayloadOptions): {
-	additions: AuthtypesGettableObjectsDTO[] | null;
-	deletions: AuthtypesGettableObjectsDTO[] | null;
-} {
-	if (!authzRes) {
-		return { additions: null, deletions: null };
-	}
-	const additions: AuthtypesGettableObjectsDTO[] = [];
-	const deletions: AuthtypesGettableObjectsDTO[] = [];
-
-	for (const res of resources) {
-		const initial = initialConfig[res.id];
-		const current = newConfig[res.id];
-		const resourceDef = authzRes.resources.find((r) => r.name === res.id);
-		if (!resourceDef) {
-			continue;
-		}
-
-		const initialScope = initial?.scope ?? PermissionScope.ONLY_SELECTED;
-		const currentScope = current?.scope ?? PermissionScope.ONLY_SELECTED;
-
-		if (initialScope === currentScope) {
-			// Same scope — only diff individual selectors when both are ONLY_SELECTED
-			if (initialScope === PermissionScope.ONLY_SELECTED) {
-				const initialIds = new Set(initial?.selectedIds ?? []);
-				const currentIds = new Set(current?.selectedIds ?? []);
-				const removed = [...initialIds].filter((id) => !currentIds.has(id));
-				const added = [...currentIds].filter((id) => !initialIds.has(id));
-				if (removed.length > 0) {
-					deletions.push({ resource: resourceDef, selectors: removed });
-				}
-				if (added.length > 0) {
-					additions.push({ resource: resourceDef, selectors: added });
-				}
-			}
-			// Both ALL → no change, skip
-		} else {
-			// Scope changed (ALL ↔ ONLY_SELECTED) — replace old with new
-			const initialSelectors =
-				initialScope === PermissionScope.ALL ? ['*'] : initial?.selectedIds ?? [];
-			if (initialSelectors.length > 0) {
-				deletions.push({ resource: resourceDef, selectors: initialSelectors });
-			}
-			const currentSelectors =
-				currentScope === PermissionScope.ALL ? ['*'] : current?.selectedIds ?? [];
-			if (currentSelectors.length > 0) {
-				additions.push({ resource: resourceDef, selectors: currentSelectors });
-			}
-		}
-	}
-
-	return {
-		additions: additions.length > 0 ? additions : null,
-		deletions: deletions.length > 0 ? deletions : null,
-	};
-}
-
-interface TimestampBadgeProps {
-	date?: Date | string;
-}
-
-export function TimestampBadge({ date }: TimestampBadgeProps): JSX.Element {
-	const { formatTimezoneAdjustedTimestamp } = useTimezone();
-
-	if (!date) {
-		return <Badge color="vanilla">—</Badge>;
-	}
-
-	const d = new Date(date);
-	if (Number.isNaN(d.getTime())) {
-		return <Badge color="vanilla">—</Badge>;
-	}
-
-	const formatted = formatTimezoneAdjustedTimestamp(
-		date,
-		DATE_TIME_FORMATS.DASH_DATETIME,
-	);
-
-	return <Badge color="vanilla">{formatted}</Badge>;
-}
-
-export const DEFAULT_RESOURCE_CONFIG: ResourceConfig = {
-	scope: PermissionScope.ONLY_SELECTED,
-	selectedIds: [],
-};
-
-export function buildConfig(
-	resources: ResourceDefinition[],
-	initial?: PermissionConfig,
-): PermissionConfig {
-	const config: PermissionConfig = {};
-	resources.forEach((r) => {
-		config[r.id] = initial?.[r.id] ?? { ...DEFAULT_RESOURCE_CONFIG };
-	});
-	return config;
-}
-
-export function isResourceConfigEqual(
-	ac: ResourceConfig,
-	bc?: ResourceConfig,
-): boolean {
-	if (!bc) {
-		return false;
-	}
-	return (
-		ac.scope === bc.scope &&
-		JSON.stringify([...ac.selectedIds].sort()) ===
-			JSON.stringify([...bc.selectedIds].sort())
-	);
-}
-
-export function configsEqual(
-	a: PermissionConfig,
-	b: PermissionConfig,
-): boolean {
-	const keysA = Object.keys(a);
-	const keysB = Object.keys(b);
-
-	if (keysA.length !== keysB.length) {
-		return false;
-	}
-
-	return keysA.every((id) => isResourceConfigEqual(a[id], b[id]));
-}

frontend/src/container/TopNav/DateTimeSelectionV2/constants.ts

@@ -160,7 +160,6 @@ export const routesToSkip = [
 	ROUTES.LOGS_PIPELINES,
 	ROUTES.BILLING,
 	ROUTES.ROLES_SETTINGS,
-	ROUTES.ROLE_DETAILS,
 	ROUTES.SUPPORT,
 	ROUTES.WORKSPACE_LOCKED,
 	ROUTES.WORKSPACE_SUSPENDED,

frontend/src/mocks-server/__mockdata__/roles.ts

@@ -62,6 +62,3 @@ export const listRolesSuccessResponse = {
 	status: 'success',
 	data: allRoles,
 };
-
-export const customRoleResponse = { status: 'success', data: customRoles[0] };
-export const managedRoleResponse = { status: 'success', data: managedRoles[0] };

frontend/src/pages/Settings/Settings.tsx

@@ -109,7 +109,6 @@ function SettingsPage(): JSX.Element {
 						isEnabled:
 							item.key === ROUTES.BILLING ||
 							item.key === ROUTES.ROLES_SETTINGS ||
-							item.key === ROUTES.ROLE_DETAILS ||
 							item.key === ROUTES.INTEGRATIONS ||
 							item.key === ROUTES.API_KEYS ||
 							item.key === ROUTES.ORG_SETTINGS ||
@@ -138,8 +137,7 @@ function SettingsPage(): JSX.Element {
 						isEnabled:
 							item.key === ROUTES.API_KEYS ||
 							item.key === ROUTES.ORG_SETTINGS ||
-							item.key === ROUTES.ROLES_SETTINGS ||
-							item.key === ROUTES.ROLE_DETAILS
+							item.key === ROUTES.ROLES_SETTINGS
 								? true
 								: item.isEnabled,
 					}));
@@ -231,13 +229,6 @@ function SettingsPage(): JSX.Element {
 			return true;
 		}
 
-		if (
-			pathname.startsWith(ROUTES.ROLES_SETTINGS) &&
-			key === ROUTES.ROLES_SETTINGS
-		) {
-			return true;
-		}
-
 		return pathname === key;
 	};
 

frontend/src/pages/Settings/config.tsx

@@ -13,7 +13,6 @@ import MultiIngestionSettings from 'container/IngestionSettings/MultiIngestionSe
 import MySettings from 'container/MySettings';
 import OrganizationSettings from 'container/OrganizationSettings';
 import RolesSettings from 'container/RolesSettings';
-import RoleDetailsPage from 'container/RolesSettings/RoleDetails';
 import { TFunction } from 'i18next';
 import {
 	Backpack,
@@ -164,19 +163,6 @@ export const rolesSettings = (t: TFunction): RouteTabProps['routes'] => [
 	},
 ];
 
-export const roleDetails = (t: TFunction): RouteTabProps['routes'] => [
-	{
-		Component: RoleDetailsPage,
-		name: (
-			<div className="periscope-tab">
-				<Shield size={16} /> {t('routes:role_details').toString()}
-			</div>
-		),
-		route: ROUTES.ROLE_DETAILS,
-		key: ROUTES.ROLE_DETAILS,
-	},
-];
-
 export const keyboardShortcuts = (t: TFunction): RouteTabProps['routes'] => [
 	{
 		Component: Shortcuts,

frontend/src/pages/Settings/utils.ts

@@ -15,7 +15,6 @@ import {
 	multiIngestionSettings,
 	mySettings,
 	organizationSettings,
-	roleDetails,
 	rolesSettings,
 } from './config';
 
@@ -69,7 +68,7 @@ export const getRoutes = (
 	}
 
 	if (isAdmin) {
-		settings.push(...rolesSettings(t), ...roleDetails(t));
+		settings.push(...rolesSettings(t));
 	}
 
 	settings.push(

frontend/src/tests/test-utils.tsx

@@ -245,7 +245,6 @@ export function getAppContextMock(
 			ee: 'Y',
 			setupCompleted: true,
 		},
-
 		...appContextOverrides,
 	};
 }

frontend/src/types/roles.ts

@@ -11,8 +11,3 @@ export const USER_ROLES = {
 	EDITOR: 'EDITOR',
 	AUTHOR: 'AUTHOR',
 };
-
-export enum RoleType {
-	MANAGED = 'managed',
-	CUSTOM = 'custom',
-}

frontend/src/utils/errorUtils.ts

@@ -1,6 +1,6 @@
-import { ErrorResponseHandlerForGeneratedAPIs } from 'api/ErrorResponseHandlerForGeneratedAPIs';
-import { RenderErrorResponseDTO } from 'api/generated/services/sigNoz.schemas';
-import { ErrorType } from 'api/generatedAPIInstance';
+import { ErrorResponseHandlerV2 } from 'api/ErrorResponseHandlerV2';
+import { AxiosError } from 'axios';
+import { ErrorV2Resp } from 'types/api';
 import APIError from 'types/api/error';
 
 /**
@@ -35,11 +35,11 @@ export const isRetryableError = (error: any): boolean => {
 };
 
 export function toAPIError(
-	error: ErrorType<RenderErrorResponseDTO>,
+	error: unknown,
 	defaultMessage = 'An unexpected error occurred.',
 ): APIError {
 	try {
-		ErrorResponseHandlerForGeneratedAPIs(error);
+		ErrorResponseHandlerV2(error as AxiosError<ErrorV2Resp>);
 	} catch (apiError) {
 		if (apiError instanceof APIError) {
 			return apiError;
@@ -55,14 +55,3 @@ export function toAPIError(
 		},
 	});
 }
-
-export function handleApiError(
-	err: ErrorType<RenderErrorResponseDTO>,
-	showErrorFunction: (error: APIError) => void,
-): void {
-	try {
-		ErrorResponseHandlerForGeneratedAPIs(err);
-	} catch (apiError) {
-		showErrorFunction(apiError as APIError);
-	}
-}

frontend/src/utils/permission/index.ts

@@ -98,7 +98,6 @@ export const routePermission: Record<keyof typeof ROUTES, ROLES[]> = {
 	WORKSPACE_LOCKED: ['ADMIN', 'EDITOR', 'VIEWER'],
 	WORKSPACE_SUSPENDED: ['ADMIN', 'EDITOR', 'VIEWER'],
 	ROLES_SETTINGS: ['ADMIN'],
-	ROLE_DETAILS: ['ADMIN'],
 	BILLING: ['ADMIN'],
 	SUPPORT: ['ADMIN', 'EDITOR', 'VIEWER'],
 	SOMETHING_WENT_WRONG: ['ADMIN', 'EDITOR', 'VIEWER'],

frontend/yarn.lock

@@ -4476,28 +4476,6 @@
     "@radix-ui/react-roving-focus" "1.0.4"
     "@radix-ui/react-use-controllable-state" "1.0.1"
 
-"@radix-ui/react-toggle-group@^1.1.7":
-  version "1.1.11"
-  resolved "https://registry.yarnpkg.com/@radix-ui/react-toggle-group/-/react-toggle-group-1.1.11.tgz#e513d6ffdb07509b400ab5b26f2523747c0d51c1"
-  integrity sha512-5umnS0T8JQzQT6HbPyO7Hh9dgd82NmS36DQr+X/YJ9ctFNCiiQd6IJAYYZ33LUwm8M+taCz5t2ui29fHZc4Y6Q==
-  dependencies:
-    "@radix-ui/primitive" "1.1.3"
-    "@radix-ui/react-context" "1.1.2"
-    "@radix-ui/react-direction" "1.1.1"
-    "@radix-ui/react-primitive" "2.1.3"
-    "@radix-ui/react-roving-focus" "1.1.11"
-    "@radix-ui/react-toggle" "1.1.10"
-    "@radix-ui/react-use-controllable-state" "1.2.2"
-
-"@radix-ui/react-toggle@1.1.10", "@radix-ui/react-toggle@^1.1.6":
-  version "1.1.10"
-  resolved "https://registry.yarnpkg.com/@radix-ui/react-toggle/-/react-toggle-1.1.10.tgz#b04ba0f9609599df666fce5b2f38109a197f08cf"
-  integrity sha512-lS1odchhFTeZv3xwHH31YPObmJn8gOg7Lq12inrr0+BH/l3Tsq32VfjqH1oh80ARM3mlkfMic15n0kg4sD1poQ==
-  dependencies:
-    "@radix-ui/primitive" "1.1.3"
-    "@radix-ui/react-primitive" "2.1.3"
-    "@radix-ui/react-use-controllable-state" "1.2.2"
-
 "@radix-ui/react-tooltip@1.0.7":
   version "1.0.7"
   resolved "https://registry.yarnpkg.com/@radix-ui/react-tooltip/-/react-tooltip-1.0.7.tgz#8f55070f852e7e7450cc1d9210b793d2e5a7686e"
@@ -5200,21 +5178,6 @@
     tailwind-merge "^2.5.2"
     tailwindcss-animate "^1.0.7"
 
-"@signozhq/toggle-group@^0.0.1":
-  version "0.0.1"
-  resolved "https://registry.yarnpkg.com/@signozhq/toggle-group/-/toggle-group-0.0.1.tgz#c82ff1da34e77b24da53c2d595ad6b4a0d1b1de4"
-  integrity sha512-871bQayL5MaqsuNOFHKexidu9W2Hlg1y4xmH8C5mGmlfZ4bd0ovJ9OweQrM6Puys3jeMwi69xmJuesYCfKQc1g==
-  dependencies:
-    "@radix-ui/react-icons" "^1.3.0"
-    "@radix-ui/react-slot" "^1.1.0"
-    "@radix-ui/react-toggle" "^1.1.6"
-    "@radix-ui/react-toggle-group" "^1.1.7"
-    class-variance-authority "^0.7.0"
-    clsx "^2.1.1"
-    lucide-react "^0.445.0"
-    tailwind-merge "^2.5.2"
-    tailwindcss-animate "^1.0.7"
-
 "@signozhq/tooltip@0.0.2":
   version "0.0.2"
   resolved "https://registry.yarnpkg.com/@signozhq/tooltip/-/tooltip-0.0.2.tgz#bb4e2681868fa2e06db78eff5872ffb2a78b93b6"

pkg/modules/cloudintegration/cloudintegration.go

@@ -0,0 +1,62 @@
+package cloudintegration
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type Module interface {
+	GetName() cloudintegrationtypes.CloudProviderType
+
+	// AgentCheckIn is called by agent to heartbeat and get latest config in response.
+	AgentCheckIn(ctx context.Context, req *cloudintegrationtypes.PostableAgentCheckInPayload) (any, error)
+
+	GenerateConnectionParams(ctx context.Context) (*cloudintegrationtypes.GettableCloudIntegrationConnectionParams, error)
+	// GenerateConnectionArtifact generates cloud provider specific connection information, client side handles how this information is shown
+	GenerateConnectionArtifact(ctx context.Context, req *cloudintegrationtypes.PostableConnectionArtifact) (any, error)
+	// GetAccountStatus returns agent connection status for a cloud integration account
+	GetAccountStatus(ctx context.Context, orgID, accountID string) (*cloudintegrationtypes.GettableAccountStatus, error)
+	// ListConnectedAccounts lists accounts where agent is connected
+	ListConnectedAccounts(ctx context.Context, orgID string) (*cloudintegrationtypes.GettableConnectedAccountsList, error)
+
+	// LIstServices return list of services for a cloud provider attached with the accountID. This just returns a summary
+	ListServices(ctx context.Context, orgID string, accountID *string) (any, error) // returns either GettableAWSServices or GettableAzureServices
+	// GetServiceDetails returns service definition details for a serviceId. This returns config and other details required to show in service details page on client.
+	GetServiceDetails(ctx context.Context, req *cloudintegrationtypes.GetServiceDetailsReq) (any, error)
+
+	// GetDashboard returns dashboard json for a give cloud integration service dashboard.
+	// this only returns the dashboard when account is connected and service is enabled
+	GetDashboard(ctx context.Context, id string, orgID valuer.UUID) (*dashboardtypes.Dashboard, error)
+	// GetAvailableDashboards returns list of available dashboards across all connected cloud integration accounts in the org.
+	// this list gets added to dashboard list page
+	GetAvailableDashboards(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error)
+
+	// UpdateAccountConfig updates cloud integration account config
+	UpdateAccountConfig(ctx context.Context, orgId valuer.UUID, accountId string, config []byte) (any, error)
+	// UpdateServiceConfig updates cloud integration service config
+	UpdateServiceConfig(ctx context.Context, serviceId string, orgID valuer.UUID, config []byte) (any, error)
+
+	// DisconnectAccount soft deletes/removes a cloud integration account.
+	DisconnectAccount(ctx context.Context, orgID, accountID string) (*cloudintegrationtypes.CloudIntegration, error)
+}
+
+type Handler interface {
+	AgentCheckIn(http.ResponseWriter, *http.Request)
+
+	GenerateConnectionParams(http.ResponseWriter, *http.Request)
+	GenerateConnectionArtifact(http.ResponseWriter, *http.Request)
+
+	ListConnectedAccounts(http.ResponseWriter, *http.Request)
+	GetAccountStatus(http.ResponseWriter, *http.Request)
+	ListServices(http.ResponseWriter, *http.Request)
+	GetServiceDetails(http.ResponseWriter, *http.Request)
+
+	UpdateAccountConfig(http.ResponseWriter, *http.Request)
+	UpdateServiceConfig(http.ResponseWriter, *http.Request)
+
+	DisconnectAccount(http.ResponseWriter, *http.Request)
+}

pkg/types/cloudintegrationtypes/cloudintegration.go

@@ -0,0 +1,643 @@
+// NOTE:
+//   - When Account keyword is used in struct names, it refers cloud integration account. CloudIntegration refers to DB schema.
+//   - When Account Config keyword is used in struct names, it refers to configuration for cloud integration accounts
+//   - When Service keyword is used in struct names, it refers to cloud integration service. CloudIntegrationService refers to DB schema.
+//     where `service` is services provided by each cloud provider like AWS S3, Azure BlobStorage etc.
+//   - When Service Config keyword is used in struct names, it refers to configuration for cloud integration services
+package cloudintegrationtypes
+
+import (
+	"database/sql/driver"
+	"encoding/json"
+	"strings"
+	"time"
+
+	"github.com/uptrace/bun"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+// CloudProviderType type alias
+type CloudProviderType struct{ valuer.String }
+
+var (
+	CloudProviderTypeAWS   = valuer.NewString("aws")
+	CloudProviderTypeAzure = valuer.NewString("azure")
+)
+
+var ErrCodeCloudProviderInvalidInput = errors.MustNewCode("invalid_cloud_provider")
+
+// NewCloudProvider returns a new CloudProviderType from a string. It validates the input and returns an error if the input is not valid.
+func NewCloudProvider(provider string) (CloudProviderType, error) {
+	switch provider {
+	case CloudProviderTypeAWS.String():
+		return CloudProviderType{CloudProviderTypeAWS}, nil
+	case CloudProviderTypeAzure.String():
+		return CloudProviderType{CloudProviderTypeAzure}, nil
+	default:
+		return CloudProviderType{}, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider)
+	}
+}
+
+var (
+	AWSIntegrationUserEmail   = valuer.MustNewEmail("aws-integration@signoz.io")
+	AzureIntegrationUserEmail = valuer.MustNewEmail("azure-integration@signoz.io")
+)
+
+// CloudIntegrationUserEmails is the list of valid emails for Cloud One Click integrations.
+// This is used for validation and restrictions in different contexts, across codebase.
+var CloudIntegrationUserEmails = []valuer.Email{
+	AWSIntegrationUserEmail,
+	AzureIntegrationUserEmail,
+}
+
+func IsCloudIntegrationDashboardUuid(dashboardUuid string) bool {
+	parts := strings.SplitN(dashboardUuid, "--", 4)
+	if len(parts) != 4 {
+		return false
+	}
+
+	return parts[0] == "cloud-integration"
+}
+
+// GetCloudIntegrationDashboardID returns the cloud provider from dashboard id, if it's a cloud integration dashboard id.
+// throws an error if invalid format or invalid cloud provider is provided in the dashboard id.
+func GetCloudProviderFromDashboardID(dashboardUuid string) (CloudProviderType, error) {
+	parts := strings.SplitN(dashboardUuid, "--", 4)
+	if len(parts) != 4 {
+		return CloudProviderType{}, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid dashboard uuid: %s", dashboardUuid)
+	}
+
+	providerStr := parts[1]
+
+	cloudProvider, err := NewCloudProvider(providerStr)
+	if err != nil {
+		return CloudProviderType{}, err
+	}
+
+	return cloudProvider, nil
+}
+
+// Generic utility functions for JSON serialization/deserialization
+// this is helpful to return right errors from a common place and avoid repeating the same code in multiple places.
+// UnmarshalJSON is a generic function to unmarshal JSON data into any type
+func UnmarshalJSON[T any](src []byte, target *T) error {
+	err := json.Unmarshal(src, target)
+	if err != nil {
+		return errors.WrapInternalf(
+			err, errors.CodeInternal, "couldn't deserialize JSON",
+		)
+	}
+	return nil
+}
+
+// MarshalJSON is a generic function to marshal any type to JSON
+func MarshalJSON[T any](source *T) ([]byte, error) {
+	if source == nil {
+		return nil, errors.NewInternalf(errors.CodeInternal, "source is nil")
+	}
+
+	serialized, err := json.Marshal(source)
+	if err != nil {
+		return nil, errors.WrapInternalf(
+			err, errors.CodeInternal, "couldn't serialize to JSON",
+		)
+	}
+	return serialized, nil
+}
+
+// GettableConnectedAccountsList is the response for listing connected accounts for a cloud provider.
+type GettableConnectedAccountsList struct {
+	Accounts []*Account `json:"accounts"`
+}
+
+// SigNozAgentConfig represents parameters required for agent deployment in cloud provider accounts
+// these represent parameters passed during agent deployment, how they are passed might change for each cloud provider but the purpose is same.
+type SigNozAgentConfig struct {
+	Region string `json:"region,omitempty"` // AWS-specific: The region in which SigNoz agent should be installed
+
+	IngestionUrl string `json:"ingestion_url"`
+	IngestionKey string `json:"ingestion_key"`
+	SigNozAPIUrl string `json:"signoz_api_url"`
+	SigNozAPIKey string `json:"signoz_api_key"`
+
+	Version string `json:"version,omitempty"`
+}
+
+// PostableConnectionArtifact represent request body for generating connection artifact API.
+// Data is request body raw bytes since each cloud provider will have have different request body structure and generics hardly help in such cases.
+// Artifact is a generic name for different types of connection methods like connection URL for AWS, connection command for Azure etc.
+type PostableConnectionArtifact struct {
+	OrgID string
+	Data  []byte // either PostableAWSConnectionUrl or PostableAzureConnectionCommand
+}
+
+// PostableAWSConnectionUrl is request body for AWS connection artifact API
+type PostableAWSConnectionUrl struct {
+	AgentConfig   *SigNozAgentConfig `json:"agent_config"`
+	AccountConfig *AWSAccountConfig  `json:"account_config"`
+}
+
+// PostableAzureConnectionCommand is request body for Azure connection artifact API
+type PostableAzureConnectionCommand struct {
+	AgentConfig   *SigNozAgentConfig  `json:"agent_config"`
+	AccountConfig *AzureAccountConfig `json:"account_config"`
+}
+
+// GettableAzureConnectionArtifact is Azure specific connection artifact which contains connection commands for agent deployment
+type GettableAzureConnectionArtifact struct {
+	AzureShellConnectionCommand string `json:"az_shell_connection_command"`
+	AzureCliConnectionCommand   string `json:"az_cli_connection_command"`
+}
+
+// GettableAWSConnectionUrl is AWS specific connection artifact which contains connection url for agent deployment
+type GettableAWSConnectionUrl struct {
+	AccountId     string `json:"account_id"`
+	ConnectionUrl string `json:"connection_url"`
+}
+
+// GettableAzureConnectionCommand is Azure specific connection artifact which contains connection commands for agent deployment
+type GettableAzureConnectionCommand struct {
+	AccountId                   string `json:"account_id"`
+	AzureShellConnectionCommand string `json:"az_shell_connection_command"`
+	AzureCliConnectionCommand   string `json:"az_cli_connection_command"`
+}
+
+// GettableAccountStatus is cloud integration account status response
+type GettableAccountStatus struct {
+	Id             string        `json:"id"`
+	CloudAccountId *string       `json:"cloud_account_id,omitempty"`
+	Status         AccountStatus `json:"status"`
+}
+
+// PostableAgentCheckInPayload is request body for agent check-in API.
+// This is used by agent to send heartbeat.
+type PostableAgentCheckInPayload struct {
+	ID        string `json:"account_id"`
+	AccountID string `json:"cloud_account_id"`
+	// Arbitrary cloud specific Agent data
+	Data  map[string]any `json:"data,omitempty"`
+	OrgID string         `json:"-"`
+}
+
+// AWSAgentIntegrationConfig is used by agent for deploying infra to send telemetry to SigNoz
+type AWSAgentIntegrationConfig struct {
+	EnabledRegions              []string               `json:"enabled_regions"`
+	TelemetryCollectionStrategy *AWSCollectionStrategy `json:"telemetry,omitempty"`
+}
+
+// AzureAgentIntegrationConfig is used by agent for deploying infra to send telemetry to SigNoz
+type AzureAgentIntegrationConfig struct {
+	DeploymentRegion      string   `json:"deployment_region"` // will not be changed once set
+	EnabledResourceGroups []string `json:"resource_groups"`
+	// TelemetryCollectionStrategy is map of service to telemetry config
+	TelemetryCollectionStrategy map[string]*AzureCollectionStrategy `json:"telemetry,omitempty"`
+}
+
+// GettableAgentCheckInRes is generic response from agent check-in API.
+// AWSAgentIntegrationConfig and AzureAgentIntegrationConfig these configs are used by agent to deploy the infra and send telemetry to SigNoz
+type GettableAgentCheckInRes[AgentConfigT any] struct {
+	AccountId         string       `json:"account_id"`
+	CloudAccountId    string       `json:"cloud_account_id"`
+	RemovedAt         *time.Time   `json:"removed_at"`
+	IntegrationConfig AgentConfigT `json:"integration_config"`
+}
+
+// UpdatableServiceConfig is generic
+type UpdatableServiceConfig[ServiceConfigT any] struct {
+	CloudAccountId string         `json:"cloud_account_id"`
+	Config         ServiceConfigT `json:"config"`
+}
+
+// ServiceConfigTyped is a generic interface for cloud integration service's configuration
+// this is generic interface to define helper functions for CloudIntegrationService.Config field.
+type ServiceConfigTyped[definition Definition] interface {
+	Validate(def definition) error
+	IsMetricsEnabled() bool
+	IsLogsEnabled() bool
+}
+
+type AWSServiceConfig struct {
+	Logs    *AWSServiceLogsConfig    `json:"logs,omitempty"`
+	Metrics *AWSServiceMetricsConfig `json:"metrics,omitempty"`
+}
+
+type AWSServiceLogsConfig struct {
+	Enabled   bool                `json:"enabled"`
+	S3Buckets map[string][]string `json:"s3_buckets,omitempty"`
+}
+
+type AWSServiceMetricsConfig struct {
+	Enabled bool `json:"enabled"`
+}
+
+// IsMetricsEnabled returns true if metrics collection is configured and enabled
+func (a *AWSServiceConfig) IsMetricsEnabled() bool {
+	return a.Metrics != nil && a.Metrics.Enabled
+}
+
+// IsLogsEnabled returns true if logs collection is configured and enabled
+func (a *AWSServiceConfig) IsLogsEnabled() bool {
+	return a.Logs != nil && a.Logs.Enabled
+}
+
+type AzureServiceConfig struct {
+	Logs    []*AzureServiceLogsConfig    `json:"logs,omitempty"`
+	Metrics []*AzureServiceMetricsConfig `json:"metrics,omitempty"`
+}
+
+// AzureServiceLogsConfig is Azure specific service config for logs
+type AzureServiceLogsConfig struct {
+	Enabled bool   `json:"enabled"`
+	Name    string `json:"name"`
+}
+
+// AzureServiceMetricsConfig is Azure specific service config for metrics
+type AzureServiceMetricsConfig struct {
+	Enabled bool   `json:"enabled"`
+	Name    string `json:"name"`
+}
+
+// IsMetricsEnabled returns true if any metric is configured and enabled
+func (a *AzureServiceConfig) IsMetricsEnabled() bool {
+	if a.Metrics == nil {
+		return false
+	}
+	for _, m := range a.Metrics {
+		if m.Enabled {
+			return true
+		}
+	}
+	return false
+}
+
+// IsLogsEnabled returns true if any log is configured and enabled
+func (a *AzureServiceConfig) IsLogsEnabled() bool {
+	if a.Logs == nil {
+		return false
+	}
+	for _, l := range a.Logs {
+		if l.Enabled {
+			return true
+		}
+	}
+	return false
+}
+
+func (a *AWSServiceConfig) Validate(def *AWSDefinition) error {
+	if def.Id != S3Sync.String() && a.Logs != nil && a.Logs.S3Buckets != nil {
+		return errors.NewInvalidInputf(errors.CodeInvalidInput, "s3 buckets can only be added to service-type[%s]", S3Sync)
+	} else if def.Id == S3Sync.String() && a.Logs != nil && a.Logs.S3Buckets != nil {
+		for region := range a.Logs.S3Buckets {
+			if _, found := ValidAWSRegions[region]; !found {
+				return errors.NewInvalidInputf(CodeInvalidCloudRegion, "invalid cloud region: %s", region)
+			}
+		}
+	}
+
+	return nil
+}
+
+func (a *AzureServiceConfig) Validate(def *AzureDefinition) error {
+	logsMap := make(map[string]bool)
+	metricsMap := make(map[string]bool)
+
+	if def.Strategy != nil && def.Strategy.Logs != nil {
+		for _, log := range def.Strategy.Logs {
+			logsMap[log.Name] = true
+		}
+	}
+
+	if def.Strategy != nil && def.Strategy.Metrics != nil {
+		for _, metric := range def.Strategy.Metrics {
+			metricsMap[metric.Name] = true
+		}
+	}
+
+	for _, log := range a.Logs {
+		if _, found := logsMap[log.Name]; !found {
+			return errors.NewInvalidInputf(errors.CodeInvalidInput, "invalid log name: %s", log.Name)
+		}
+	}
+
+	for _, metric := range a.Metrics {
+		if _, found := metricsMap[metric.Name]; !found {
+			return errors.NewInvalidInputf(errors.CodeInvalidInput, "invalid metric name: %s", metric.Name)
+		}
+	}
+
+	return nil
+}
+
+// UpdatableServiceConfigRes is response for UpdateServiceConfig API
+// TODO: find a better way to name this
+type UpdatableServiceConfigRes struct {
+	ServiceId string `json:"id"`
+	Config    any    `json:"config"`
+}
+
+// UpdatableAccountConfigTyped is a generic struct for updating cloud integration account config used in UpdateAccountConfig API
+type UpdatableAccountConfigTyped[AccountConfigT any] struct {
+	Config *AccountConfigT `json:"config"`
+}
+
+type (
+	UpdatableAWSAccountConfig   = UpdatableAccountConfigTyped[AWSAccountConfig]
+	UpdatableAzureAccountConfig = UpdatableAccountConfigTyped[AzureAccountConfig]
+)
+
+// AWSAccountConfig is the configuration for AWS cloud integration account
+type AWSAccountConfig struct {
+	EnabledRegions []string `json:"regions"`
+}
+
+// AzureAccountConfig is the configuration for Azure cloud integration account
+type AzureAccountConfig struct {
+	DeploymentRegion      string   `json:"deployment_region,omitempty"`
+	EnabledResourceGroups []string `json:"resource_groups,omitempty"`
+}
+
+// GettableServices is a generic struct for listing services of a cloud integration account used in ListServices API
+type GettableServices[ServiceSummaryT any] struct {
+	Services []ServiceSummaryT `json:"services"`
+}
+
+type (
+	GettableAWSServices   = GettableServices[AWSServiceSummary]
+	GettableAzureServices = GettableServices[AzureServiceSummary]
+)
+
+// GetServiceDetailsReq is a req struct for getting service definition details
+type GetServiceDetailsReq struct {
+	OrgID          valuer.UUID
+	ServiceId      string
+	CloudAccountID *string
+}
+
+// ServiceSummary is a generic struct for service summary used in ListServices API
+type ServiceSummary[ServiceConfigT any] struct {
+	DefinitionMetadata
+	Config *ServiceConfigT `json:"config"`
+}
+
+type (
+	AWSServiceSummary   = ServiceSummary[AWSServiceConfig]
+	AzureServiceSummary = ServiceSummary[AzureServiceConfig]
+)
+
+// GettableServiceDetails is a generic struct for service details used in GetServiceDetails API
+type GettableServiceDetails[DefinitionT any, ServiceConfigT any] struct {
+	Definition       DefinitionT              `json:",inline"`
+	Config           ServiceConfigT           `json:"config"`
+	ConnectionStatus *ServiceConnectionStatus `json:"status,omitempty"`
+}
+
+type (
+	GettableAWSServiceDetails   = GettableServiceDetails[AWSDefinition, *AWSServiceConfig]
+	GettableAzureServiceDetails = GettableServiceDetails[AzureDefinition, *AzureServiceConfig]
+)
+
+// ServiceConnectionStatus represents integration connection status for a particular service
+// this struct helps to check ingested data and determines connection status by whether data was ingested or not.
+// this is composite struct for both metrics and logs
+type ServiceConnectionStatus struct {
+	Logs    []*SignalConnectionStatus `json:"logs"`
+	Metrics []*SignalConnectionStatus `json:"metrics"`
+}
+
+// SignalConnectionStatus represents connection status for a particular signal type (logs or metrics) for a service
+// this struct is used in API responses for clients to show relevant information about the connection status.
+type SignalConnectionStatus struct {
+	CategoryID           string `json:"category"`
+	CategoryDisplayName  string `json:"category_display_name"`
+	LastReceivedTsMillis int64  `json:"last_received_ts_ms"` // epoch milliseconds
+	LastReceivedFrom     string `json:"last_received_from"`  // resource identifier
+}
+
+// GettableCloudIntegrationConnectionParams is response for connection params API
+type GettableCloudIntegrationConnectionParams struct {
+	IngestionUrl string `json:"ingestion_url,omitempty"`
+	IngestionKey string `json:"ingestion_key,omitempty"`
+	SigNozAPIUrl string `json:"signoz_api_url,omitempty"`
+	SigNozAPIKey string `json:"signoz_api_key,omitempty"`
+}
+
+// GettableIngestionKey is a struct for ingestion key returned from gateway
+type GettableIngestionKey struct {
+	Name  string `json:"name"`
+	Value string `json:"value"`
+	// other attributes from gateway response not included here since they are not being used.
+}
+
+// GettableIngestionKeysSearch is a struct for response of ingestion keys search API on gateway
+type GettableIngestionKeysSearch struct {
+	Status string                 `json:"status"`
+	Data   []GettableIngestionKey `json:"data"`
+	Error  string                 `json:"error"`
+}
+
+// GettableCreateIngestionKey is a struct for response of create ingestion key API on gateway
+type GettableCreateIngestionKey struct {
+	Status string               `json:"status"`
+	Data   GettableIngestionKey `json:"data"`
+	Error  string               `json:"error"`
+}
+
+// GettableDeployment is response struct for deployment details fetched from Zeus
+type GettableDeployment struct {
+	Name        string `json:"name"`
+	ClusterInfo struct {
+		Region struct {
+			DNS string `json:"dns"`
+		} `json:"region"`
+	} `json:"cluster"`
+}
+
+// --------------------------------------------------------------------------
+// Cloud integration uses the cloud_integration table
+// and cloud_integrations_service table
+// --------------------------------------------------------------------------
+
+type CloudIntegration struct {
+	bun.BaseModel `bun:"table:cloud_integration"`
+
+	types.Identifiable
+	types.TimeAuditable
+	Provider        string         `json:"provider" bun:"provider,type:text,unique:provider_id"`
+	Config          *AccountConfig `json:"config" bun:"config,type:text"`
+	AccountID       *string        `json:"account_id" bun:"account_id,type:text"`
+	LastAgentReport *AgentReport   `json:"last_agent_report" bun:"last_agent_report,type:text"`
+	RemovedAt       *time.Time     `json:"removed_at" bun:"removed_at,type:timestamp,nullzero"`
+	OrgID           string         `bun:"org_id,type:text,unique:provider_id"`
+}
+
+func (a *CloudIntegration) Status() AccountStatus {
+	status := AccountStatus{}
+	if a.LastAgentReport != nil {
+		lastHeartbeat := a.LastAgentReport.TimestampMillis
+		status.Integration.LastHeartbeatTsMillis = &lastHeartbeat
+	}
+	return status
+}
+
+func (a *CloudIntegration) Account() Account {
+	ca := Account{Id: a.ID.StringValue(), Status: a.Status()}
+
+	if a.AccountID != nil {
+		ca.CloudAccountId = *a.AccountID
+	}
+
+	if a.Config != nil {
+		ca.Config = *a.Config
+	} else {
+		ca.Config = DefaultAccountConfig()
+	}
+	return ca
+}
+
+type Account struct {
+	Id             string        `json:"id"`
+	CloudAccountId string        `json:"cloud_account_id"`
+	Config         AccountConfig `json:"config"`
+	Status         AccountStatus `json:"status"`
+}
+
+type AccountStatus struct {
+	Integration AccountIntegrationStatus `json:"integration"`
+}
+
+type AccountIntegrationStatus struct {
+	LastHeartbeatTsMillis *int64 `json:"last_heartbeat_ts_ms"`
+}
+
+func DefaultAccountConfig() AccountConfig {
+	return AccountConfig{
+		EnabledRegions: []string{},
+	}
+}
+
+type AccountConfig struct {
+	EnabledRegions []string `json:"regions"`
+}
+
+// For serializing from db
+func (c *AccountConfig) Scan(src any) error {
+	var data []byte
+	switch v := src.(type) {
+	case []byte:
+		data = v
+	case string:
+		data = []byte(v)
+	default:
+		return errors.NewInternalf(errors.CodeInternal, "tried to scan from %T instead of string or bytes", src)
+	}
+
+	return json.Unmarshal(data, c)
+}
+
+// For serializing to db
+func (c *AccountConfig) Value() (driver.Value, error) {
+	if c == nil {
+		return nil, errors.NewInternalf(errors.CodeInternal, "cloud account config is nil")
+	}
+
+	serialized, err := json.Marshal(c)
+	if err != nil {
+		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't serialize cloud account config to JSON")
+	}
+	// Return as string instead of []byte to ensure PostgreSQL stores as text, not bytea
+	return string(serialized), nil
+}
+
+type AgentReport struct {
+	TimestampMillis int64          `json:"timestamp_millis"`
+	Data            map[string]any `json:"data"`
+}
+
+// For serializing from db
+func (r *AgentReport) Scan(src any) error {
+	var data []byte
+	switch v := src.(type) {
+	case []byte:
+		data = v
+	case string:
+		data = []byte(v)
+	default:
+		return errors.NewInternalf(errors.CodeInternal, "tried to scan from %T instead of string or bytes", src)
+	}
+
+	return json.Unmarshal(data, r)
+}
+
+// For serializing to db
+func (r *AgentReport) Value() (driver.Value, error) {
+	if r == nil {
+		return nil, errors.NewInternalf(errors.CodeInternal, "agent report is nil")
+	}
+
+	serialized, err := json.Marshal(r)
+	if err != nil {
+		return nil, errors.WrapInternalf(
+			err, errors.CodeInternal, "couldn't serialize agent report to JSON",
+		)
+	}
+	// Return as string instead of []byte to ensure PostgreSQL stores as text, not bytea
+	return string(serialized), nil
+}
+
+type CloudIntegrationService struct {
+	bun.BaseModel `bun:"table:cloud_integration_service,alias:cis"`
+
+	types.Identifiable
+	types.TimeAuditable
+	Type               string             `bun:"type,type:text,notnull,unique:cloud_integration_id_type"`
+	Config             CloudServiceConfig `bun:"config,type:text"`
+	CloudIntegrationID string             `bun:"cloud_integration_id,type:text,notnull,unique:cloud_integration_id_type,references:cloud_integrations(id),on_delete:cascade"`
+}
+
+type CloudServiceLogsConfig struct {
+	Enabled   bool                `json:"enabled"`
+	S3Buckets map[string][]string `json:"s3_buckets,omitempty"`
+}
+
+type CloudServiceMetricsConfig struct {
+	Enabled bool `json:"enabled"`
+}
+
+type CloudServiceConfig struct {
+	Logs    *CloudServiceLogsConfig    `json:"logs,omitempty"`
+	Metrics *CloudServiceMetricsConfig `json:"metrics,omitempty"`
+}
+
+// For serializing from db
+func (c *CloudServiceConfig) Scan(src any) error {
+	var data []byte
+	switch src := src.(type) {
+	case []byte:
+		data = src
+	case string:
+		data = []byte(src)
+	default:
+		return errors.NewInternalf(errors.CodeInternal, "tried to scan from %T instead of string or bytes", src)
+	}
+
+	return json.Unmarshal(data, c)
+}
+
+// For serializing to db
+func (c *CloudServiceConfig) Value() (driver.Value, error) {
+	if c == nil {
+		return nil, errors.NewInternalf(errors.CodeInternal, "cloud service config is nil")
+	}
+
+	serialized, err := json.Marshal(c)
+	if err != nil {
+		return nil, errors.WrapInternalf(
+			err, errors.CodeInternal, "couldn't serialize cloud service config to JSON",
+		)
+	}
+	// Return as string instead of []byte to ensure PostgreSQL stores as text, not bytea
+	return string(serialized), nil
+}

pkg/types/cloudintegrationtypes/regions.go

@@ -0,0 +1,103 @@
+package cloudintegrationtypes
+
+import (
+	"github.com/SigNoz/signoz/pkg/errors"
+)
+
+var (
+	CodeInvalidCloudRegion    = errors.MustNewCode("invalid_cloud_region")
+	CodeMismatchCloudProvider = errors.MustNewCode("cloud_provider_mismatch")
+)
+
+// List of all valid cloud regions on Amazon Web Services
+var ValidAWSRegions = map[string]bool{
+	"af-south-1":     true, // Africa (Cape Town).
+	"ap-east-1":      true, // Asia Pacific (Hong Kong).
+	"ap-northeast-1": true, // Asia Pacific (Tokyo).
+	"ap-northeast-2": true, // Asia Pacific (Seoul).
+	"ap-northeast-3": true, // Asia Pacific (Osaka).
+	"ap-south-1":     true, // Asia Pacific (Mumbai).
+	"ap-south-2":     true, // Asia Pacific (Hyderabad).
+	"ap-southeast-1": true, // Asia Pacific (Singapore).
+	"ap-southeast-2": true, // Asia Pacific (Sydney).
+	"ap-southeast-3": true, // Asia Pacific (Jakarta).
+	"ap-southeast-4": true, // Asia Pacific (Melbourne).
+	"ca-central-1":   true, // Canada (Central).
+	"ca-west-1":      true, // Canada West (Calgary).
+	"eu-central-1":   true, // Europe (Frankfurt).
+	"eu-central-2":   true, // Europe (Zurich).
+	"eu-north-1":     true, // Europe (Stockholm).
+	"eu-south-1":     true, // Europe (Milan).
+	"eu-south-2":     true, // Europe (Spain).
+	"eu-west-1":      true, // Europe (Ireland).
+	"eu-west-2":      true, // Europe (London).
+	"eu-west-3":      true, // Europe (Paris).
+	"il-central-1":   true, // Israel (Tel Aviv).
+	"me-central-1":   true, // Middle East (UAE).
+	"me-south-1":     true, // Middle East (Bahrain).
+	"sa-east-1":      true, // South America (Sao Paulo).
+	"us-east-1":      true, // US East (N. Virginia).
+	"us-east-2":      true, // US East (Ohio).
+	"us-west-1":      true, // US West (N. California).
+	"us-west-2":      true, // US West (Oregon).
+}
+
+// List of all valid cloud regions for Microsoft Azure
+var ValidAzureRegions = map[string]bool{
+	"australiacentral":   true, // Australia Central
+	"australiacentral2":  true, // Australia Central 2
+	"australiaeast":      true, // Australia East
+	"australiasoutheast": true, // Australia Southeast
+	"austriaeast":        true, // Austria East
+	"belgiumcentral":     true, // Belgium Central
+	"brazilsouth":        true, // Brazil South
+	"brazilsoutheast":    true, // Brazil Southeast
+	"canadacentral":      true, // Canada Central
+	"canadaeast":         true, // Canada East
+	"centralindia":       true, // Central India
+	"centralus":          true, // Central US
+	"chilecentral":       true, // Chile Central
+	"denmarkeast":        true, // Denmark East
+	"eastasia":           true, // East Asia
+	"eastus":             true, // East US
+	"eastus2":            true, // East US 2
+	"francecentral":      true, // France Central
+	"francesouth":        true, // France South
+	"germanynorth":       true, // Germany North
+	"germanywestcentral": true, // Germany West Central
+	"indonesiacentral":   true, // Indonesia Central
+	"israelcentral":      true, // Israel Central
+	"italynorth":         true, // Italy North
+	"japaneast":          true, // Japan East
+	"japanwest":          true, // Japan West
+	"koreacentral":       true, // Korea Central
+	"koreasouth":         true, // Korea South
+	"malaysiawest":       true, // Malaysia West
+	"mexicocentral":      true, // Mexico Central
+	"newzealandnorth":    true, // New Zealand North
+	"northcentralus":     true, // North Central US
+	"northeurope":        true, // North Europe
+	"norwayeast":         true, // Norway East
+	"norwaywest":         true, // Norway West
+	"polandcentral":      true, // Poland Central
+	"qatarcentral":       true, // Qatar Central
+	"southafricanorth":   true, // South Africa North
+	"southafricawest":    true, // South Africa West
+	"southcentralus":     true, // South Central US
+	"southindia":         true, // South India
+	"southeastasia":      true, // Southeast Asia
+	"spaincentral":       true, // Spain Central
+	"swedencentral":      true, // Sweden Central
+	"switzerlandnorth":   true, // Switzerland North
+	"switzerlandwest":    true, // Switzerland West
+	"uaecentral":         true, // UAE Central
+	"uaenorth":           true, // UAE North
+	"uksouth":            true, // UK South
+	"ukwest":             true, // UK West
+	"westcentralus":      true, // West Central US
+	"westeurope":         true, // West Europe
+	"westindia":          true, // West India
+	"westus":             true, // West US
+	"westus2":            true, // West US 2
+	"westus3":            true, // West US 3
+}

pkg/types/cloudintegrationtypes/servicedefinitions.go

@@ -0,0 +1,263 @@
+package cloudintegrationtypes
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+var S3Sync = valuer.NewString("s3sync")
+
+// Generic interface for cloud service definition.
+// This is implemented by AWSDefinition and AzureDefinition, which represent service definitions for AWS and Azure respectively.
+// Generics work well so far because service definitions share a similar logic.
+// We dont want to over-do generics as well, if the service definitions functionally diverge in the future consider breaking generics.
+type Definition interface {
+	GetId() string
+	Validate() error
+	PopulateDashboardURLs(cloudProvider CloudProviderType, svcId string)
+	GetIngestionStatusCheck() *IngestionStatusCheck
+	GetAssets() Assets
+}
+
+// AWSDefinition represents AWS Service definition, which includes collection strategy, dashboards and meta info for integration
+type AWSDefinition = ServiceDefinition[AWSCollectionStrategy]
+
+// AzureDefinition represents Azure Service definition, which includes collection strategy, dashboards and meta info for integration
+type AzureDefinition = ServiceDefinition[AzureCollectionStrategy]
+
+// Making AWSDefinition and AzureDefinition satisfy Definition interface, so that they can be used in a generic way
+var (
+	_ Definition = &AWSDefinition{}
+	_ Definition = &AzureDefinition{}
+)
+
+// ServiceDefinition represents generic struct for cloud service, regardless of the cloud provider.
+// this struct must satify Definition interface.
+// StrategyT is of either AWSCollectionStrategy or AzureCollectionStrategy, depending on the cloud provider.
+type ServiceDefinition[StrategyT any] struct {
+	DefinitionMetadata
+	Overview             string                `json:"overview"` // markdown
+	Assets               Assets                `json:"assets"`
+	SupportedSignals     SupportedSignals      `json:"supported_signals"`
+	DataCollected        DataCollected         `json:"data_collected"`
+	IngestionStatusCheck *IngestionStatusCheck `json:"ingestion_status_check,omitempty"`
+	Strategy             *StrategyT            `json:"telemetry_collection_strategy"`
+}
+
+// Following methods are quite self explanatory, they are just to satisfy the Definition interface and provide some utility functions for service definitions.
+func (def *ServiceDefinition[StrategyT]) GetId() string {
+	return def.Id
+}
+
+func (def *ServiceDefinition[StrategyT]) Validate() error {
+	seenDashboardIds := map[string]interface{}{}
+
+	if def.Strategy == nil {
+		return errors.NewInternalf(errors.CodeInternal, "telemetry_collection_strategy is required")
+	}
+
+	for _, dd := range def.Assets.Dashboards {
+		if _, seen := seenDashboardIds[dd.Id]; seen {
+			return errors.NewInternalf(errors.CodeInternal, "multiple dashboards found with id %s", dd.Id)
+		}
+		seenDashboardIds[dd.Id] = nil
+	}
+
+	return nil
+}
+
+func (def *ServiceDefinition[StrategyT]) PopulateDashboardURLs(cloudProvider CloudProviderType, svcId string) {
+	for i := range def.Assets.Dashboards {
+		dashboardId := def.Assets.Dashboards[i].Id
+		url := "/dashboard/" + GetCloudIntegrationDashboardID(cloudProvider, svcId, dashboardId)
+		def.Assets.Dashboards[i].Url = url
+	}
+}
+
+func (def *ServiceDefinition[StrategyT]) GetIngestionStatusCheck() *IngestionStatusCheck {
+	return def.IngestionStatusCheck
+}
+
+func (def *ServiceDefinition[StrategyT]) GetAssets() Assets {
+	return def.Assets
+}
+
+// DefinitionMetadata represents service definition metadata. This is useful for showing service overview
+type DefinitionMetadata struct {
+	Id    string `json:"id"`
+	Title string `json:"title"`
+	Icon  string `json:"icon"`
+}
+
+// IngestionStatusCheckCategory represents a category of ingestion status check. Applies for both metrics and logs.
+// A category can be "Overview" of metrics or "Enhanced" Metrics for AWS, and "Transaction" or "Capacity" metrics for Azure.
+// Each category can have multiple checks (AND logic), if all checks pass,
+// then we can be sure that data is being ingested for that category of the signal
+type IngestionStatusCheckCategory struct {
+	Category    string                           `json:"category"`
+	DisplayName string                           `json:"display_name"`
+	Checks      []*IngestionStatusCheckAttribute `json:"checks"`
+}
+
+// IngestionStatusCheckAttribute represents a check or condition for ingestion status.
+// Key can be metric name or part of log message
+type IngestionStatusCheckAttribute struct {
+	Key        string                                 `json:"key"` // OPTIONAL search key (metric name or log message)
+	Attributes []*IngestionStatusCheckAttributeFilter `json:"attributes"`
+}
+
+// IngestionStatusCheck represents combined checks for metrics and logs for a service
+type IngestionStatusCheck struct {
+	Metrics []*IngestionStatusCheckCategory `json:"metrics"`
+	Logs    []*IngestionStatusCheckCategory `json:"logs"`
+}
+
+// IngestionStatusCheckAttributeFilter represents filter for a check, which can be used to filter specific log messages or metrics with specific attributes.
+// For example, we can use it to filter logs with specific log level or metrics with specific dimensions.
+type IngestionStatusCheckAttributeFilter struct {
+	Name     string `json:"name"`
+	Operator string `json:"operator"`
+	Value    string `json:"value"` // OPTIONAL
+}
+
+// Assets represents the collection of dashboards
+type Assets struct {
+	Dashboards []Dashboard `json:"dashboards"`
+}
+
+// SupportedSignals for cloud provider's service
+type SupportedSignals struct {
+	Logs    bool `json:"logs"`
+	Metrics bool `json:"metrics"`
+}
+
+// DataCollected is curated static list of metrics and logs, this is shown as part of service overview
+type DataCollected struct {
+	Logs    []CollectedLogAttribute `json:"logs"`
+	Metrics []CollectedMetric       `json:"metrics"`
+}
+
+// CollectedLogAttribute represents a log attribute that is present in all log entries for a service,
+// this is shown as part of service overview
+type CollectedLogAttribute struct {
+	Name string `json:"name"`
+	Path string `json:"path"`
+	Type string `json:"type"`
+}
+
+// CollectedMetric represents a metric that is collected for a service, this is shown as part of service overview
+type CollectedMetric struct {
+	Name        string `json:"name"`
+	Type        string `json:"type"`
+	Unit        string `json:"unit"`
+	Description string `json:"description"`
+}
+
+// AWSCollectionStrategy represents signal collection strategy for AWS services.
+// this is AWS specific.
+type AWSCollectionStrategy struct {
+	Metrics   *AWSMetricsStrategy `json:"aws_metrics,omitempty"`
+	Logs      *AWSLogsStrategy    `json:"aws_logs,omitempty"`
+	S3Buckets map[string][]string `json:"s3_buckets,omitempty"` // Only available in S3 Sync Service Type in AWS
+}
+
+// AzureCollectionStrategy represents signal collection strategy for Azure services.
+// this is Azure specific.
+type AzureCollectionStrategy struct {
+	Metrics []*AzureMetricsStrategy `json:"azure_metrics,omitempty"`
+	Logs    []*AzureLogsStrategy    `json:"azure_logs,omitempty"`
+}
+
+// AWSMetricsStrategy represents metrics collection strategy for AWS services.
+// this is AWS specific.
+type AWSMetricsStrategy struct {
+	// to be used as https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudwatch-metricstream.html#cfn-cloudwatch-metricstream-includefilters
+	StreamFilters []struct {
+		// json tags here are in the shape expected by AWS API as detailed at
+		// https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-metricstream-metricstreamfilter.html
+		Namespace   string   `json:"Namespace"`
+		MetricNames []string `json:"MetricNames,omitempty"`
+	} `json:"cloudwatch_metric_stream_filters"`
+}
+
+// AWSLogsStrategy represents logs collection strategy for AWS services.
+// this is AWS specific.
+type AWSLogsStrategy struct {
+	Subscriptions []struct {
+		// subscribe to all logs groups with specified prefix.
+		// eg: `/aws/rds/`
+		LogGroupNamePrefix string `json:"log_group_name_prefix"`
+
+		// https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html
+		// "" implies no filtering is required.
+		FilterPattern string `json:"filter_pattern"`
+	} `json:"cloudwatch_logs_subscriptions"`
+}
+
+// AzureMetricsStrategy represents metrics collection strategy for Azure services.
+// this is Azure specific.
+type AzureMetricsStrategy struct {
+	CategoryType string `json:"category_type"`
+	Name         string `json:"name"`
+}
+
+// AzureLogsStrategy represents logs collection strategy for Azure services.
+// this is Azure specific. Even though this is similar to AzureMetricsStrategy, keeping it separate for future flexibility and clarity.
+type AzureLogsStrategy struct {
+	CategoryType string `json:"category_type"`
+	Name         string `json:"name"`
+}
+
+// Dashboard represents a dashboard definition for cloud integration.
+type Dashboard struct {
+	Id          string                                `json:"id"`
+	Url         string                                `json:"url"`
+	Title       string                                `json:"title"`
+	Description string                                `json:"description"`
+	Image       string                                `json:"image"`
+	Definition  *dashboardtypes.StorableDashboardData `json:"definition,omitempty"`
+}
+
+// UTILS
+
+// GetCloudIntegrationDashboardID returns the dashboard id for a cloud integration, given the cloud provider, service id, and dashboard id.
+// This is used to generate unique dashboard ids for cloud integration, and also to parse the dashboard id to get the cloud provider and service id when needed.
+func GetCloudIntegrationDashboardID(cloudProvider CloudProviderType, svcId, dashboardId string) string {
+	return fmt.Sprintf("cloud-integration--%s--%s--%s", cloudProvider, svcId, dashboardId)
+}
+
+// GetDashboardsFromAssets returns the list of dashboards for the cloud provider service from definition
+func GetDashboardsFromAssets(
+	svcId string,
+	orgID valuer.UUID,
+	cloudProvider CloudProviderType,
+	createdAt *time.Time,
+	assets Assets,
+) []*dashboardtypes.Dashboard {
+	dashboards := make([]*dashboardtypes.Dashboard, 0)
+
+	for _, d := range assets.Dashboards {
+		author := fmt.Sprintf("%s-integration", cloudProvider)
+		dashboards = append(dashboards, &dashboardtypes.Dashboard{
+			ID:     GetCloudIntegrationDashboardID(cloudProvider, svcId, d.Id),
+			Locked: true,
+			OrgID:  orgID,
+			Data:   *d.Definition,
+			TimeAuditable: types.TimeAuditable{
+				CreatedAt: *createdAt,
+				UpdatedAt: *createdAt,
+			},
+			UserAuditable: types.UserAuditable{
+				CreatedBy: author,
+				UpdatedBy: author,
+			},
+		})
+	}
+
+	return dashboards
+}

pkg/types/cloudintegrationtypes/store.go

@@ -0,0 +1,57 @@
+package cloudintegrationtypes
+
+import (
+	"context"
+	"time"
+
+	"github.com/SigNoz/signoz/pkg/query-service/model"
+	"github.com/SigNoz/signoz/pkg/types"
+)
+
+type CloudIntegrationAccountStore interface {
+	ListConnected(ctx context.Context, orgId string, provider string) ([]types.CloudIntegration, *model.ApiError)
+
+	Get(ctx context.Context, orgId string, provider string, id string) (*types.CloudIntegration, *model.ApiError)
+
+	GetConnectedCloudAccount(ctx context.Context, orgId string, provider string, accountID string) (*types.CloudIntegration, *model.ApiError)
+
+	// Insert an account or update it by (cloudProvider, id)
+	// for specified non-empty fields
+	Upsert(
+		ctx context.Context,
+		orgId string,
+		provider string,
+		id *string,
+		config *types.AccountConfig,
+		accountId *string,
+		agentReport *types.AgentReport,
+		removedAt *time.Time,
+	) (*types.CloudIntegration, *model.ApiError)
+}
+
+type CloudIntegrationServiceStore interface {
+	Get(
+		ctx context.Context,
+		orgID string,
+		cloudAccountId string,
+		serviceType string,
+	) (*types.CloudServiceConfig, *model.ApiError)
+
+	Upsert(
+		ctx context.Context,
+		orgID string,
+		cloudProvider string,
+		cloudAccountId string,
+		serviceId string,
+		config types.CloudServiceConfig,
+	) (*types.CloudServiceConfig, *model.ApiError)
+
+	GetAllForAccount(
+		ctx context.Context,
+		orgID string,
+		cloudAccountId string,
+	) (
+		configsBySvcId map[string]*types.CloudServiceConfig,
+		apiErr *model.ApiError,
+	)
+}