Grafana has introduced a new "No basic role" feature that enhances user management and security by eliminating default permissions for users and service accounts, addressing issues from previous role-based access control systems where the default Viewer role could unintentionally grant excessive permissions. This update, available in Grafana 10.2 for both Grafana Cloud instances and Enterprise binaries, allows administrators to more precisely control access by starting with a permissionless role and assigning necessary permissions through Team Role sync or RBAC (Role-Based Access Control). This approach not only simplifies access management but also minimizes security risks by reducing unnecessary access to sensitive resources, aligning with the principle of least privilege. The feature, developed in response to community feedback, is part of Grafana’s ongoing efforts to improve security and user management, and users are encouraged to provide feedback to help further refine the tool.