A few notes around some less documented Dynatrace Managed requirements.
Dynatrace Managed installer applies a large number of SELinux policies by default. This is because Dynatrace requires extensive system-level access to perform its monitoring tasks. As you noted, the policies are primarily related to the OneAgent, but there are also policies for other components of the system, such as the Dynatrace Managed gateway.