Set up transforms
editSet up transforms
editRequirements overview
editTo use transforms, you must have:
- at least one transform node,
- management features visible in the Kibana space, and
-
security privileges that:
- grant use of transforms, and
- grant access to source and destination indices
Security privileges
editAssigning security privileges affects how users access transforms. Consider the two main categories:
- Elasticsearch API user: uses an Elasticsearch client, cURL, or Kibana Dev Tools to access transforms via Elasticsearch APIs. This scenario requires Elasticsearch security privileges.
- Kibana user: uses transforms in Kibana. This scenario requires Kibana feature privileges and Elasticsearch security privileges.
Elasticsearch API user
editTo manage transforms, you must meet all of the following requirements:
-
transform_admin
built-in role ormanage_transform
cluster privileges, -
read
andview_index_metadata
index privileges on source indices, and -
create_index
,index
,manage
, andread
index privileges on destination indices. If aretention_policy
is configured,delete
index privilege is also required on the destination index.
To view only the configuration and status of transforms, you must have:
-
transform_user
built-in role ormonitor_transform
cluster privileges
For more information about Elasticsearch roles and privileges, refer to Built-in roles and Security privileges.
Kibana user
editWithin a Kibana space, for full access to transforms, you must meet all of the following requirements:
-
Management features visible in the Kibana space, including
Data View Management
andStack Monitoring
, -
monitoring_user
built-in role, -
transform_admin
built-in role ormanage_transform
cluster privileges, -
kibana_admin
built-in role or a custom role withread
orall
Kibana privileges for theData View Management
feature (dependent on whether data views already exist for your destination indices), - data views for your source indices,
-
read
andview_index_metadata
index privileges on source indices, and -
create_index
,index
,manage
, andread
index privileges on destination indices. Additionally, when using aretention_policy
,delete
index privilege is required on destination indices. -
read_pipeline
cluster privileges, if the transform uses an ingest pipeline
Within a Kibana space, for read-only access to transforms, you must meet all of the following requirements:
-
Management features visible in the Kibana space, including
Stack Monitoring
, -
monitoring_user
built-in role, -
transform_user
built-in role ormonitor_transform
cluster privileges, -
kibana_admin
built-in role or a custom role withread
Kibana privileges for at least one feature in the space, - data views for your source and destination indices, and
-
read
, andview_index_metadata
index privileges on source indices and destination indices
For more information and Kibana security features, see Kibana role management and Kibana privileges.
Kibana spaces
editSpaces enable you to organize your source and destination indices and other saved objects in Kibana and to see only the objects that belong to your space. However, a transform is a long running task which is managed on cluster level and therefore not limited in scope to certain spaces. Space awareness can be implemented for a data view under Stack Management > Kibana which allows privileges to the transform destination index.
To successfully create transforms in Kibana, you must be logged into a space
where the source indices are visible and the Data View Management
and
Stack Monitoring
features are visible.