DataDog · dd-mergequeue · Apr 24, 2025 · Apr 17, 2025 · Apr 17, 2025 · Apr 18, 2025
@@ -16,7 +16,7 @@
     subcategory: Datadog Role Permissions
 ---
 
-## Overview
+## Permissions
 
 Permissions define the type of access a user has to a given resource. Typically, permissions give a user the right to read, edit, or delete an object. Permissions underlie the access rights of all roles, including the three managed roles and custom roles.
 
@@ -30,6 +30,19 @@
 
 Sensitive permissions are flagged in the Roles and Permissions interfaces to identify that they may need increased scrutiny. As a best practice, administrators configuring roles should pay special attention to these permissions, and confirm which of these permissions are assigned to their roles and users.
 
+### Preview mode permissions
+
+Some permissions appear in "preview mode" before becoming fully enforced. During this period:
+
+- Preview permissions are marked in the app with a "Preview" badge
+- They do not restrict access until the preview period ends
+- The preview typically lasts 2-4 weeks before enforcement begins
+- Administrators should configure roles appropriately during this period
+
+Preview mode gives your organization's administrators the ability to opt into certain new permissions, so they can prevent losing access to resources that were previously unrestricted. Release notes associated with each preview mode permission indicate when the permission is created and when it will be enforced. While these permissions don't restrict access during preview, Datadog recommends updating role configurations before they become enforced to prevent disruption.
+
+## Roles
+
 ### Managed roles
 
 By default, existing users are associated with one of the three managed roles: