APM app central config user
editAPM app central config user
editCentral configuration manager
editCentral configuration users need to be able to view, create, update, and delete APM agent configurations.
-
Create a new role, named something like
central-config-manager
, and assign the following privileges:Type Privilege Purpose Index
read
onapm-agent-configuration
Read-only access to
apm-agent-configuration
dataIndex
view_index_metadata
onapm-agent-configuration
Read-only access to
apm-agent-configuration
index metadataIndex
read
onlogs-apm*
Read-only access to
logs-apm*
dataIndex
view_index_metadata
onlogs-apm*
Read-only access to
logs-apm*
index metadataIndex
read
onmetrics-apm*
Read-only access to
metrics-apm*
dataIndex
view_index_metadata
onmetrics-apm*
Read-only access to
metrics-apm*
index metadataIndex
read
ontraces-apm*
Read-only access to
traces-apm*
dataIndex
view_index_metadata
ontraces-apm*
Read-only access to
traces-apm*
index metadataType Privilege Purpose Index
read
onapm-*
Read-only access to
apm-*
dataIndex
view_index_metadata
onapm-*
Read-only access to
apm-*
index metadataUsing the deprecated APM Server binaries? Add the privileges under the Classic APM indices tab above.
-
Assign the
central-config-manager
role created in the previous step, and the following Kibana feature privileges to anyone who needs to manage central configurations:Type Privilege Purpose Kibana
All
on the APM and User Experience featureAllow full use of the APM and User Experience apps
Central configuration reader
editIn some instances, you may wish to create a user that can only read central configurations, but not create, update, or delete them.
-
Create a new role, named something like
central-config-reader
, and assign the following privileges:Type Privilege Purpose Index
read
onapm-agent-configuration
Read-only access to
apm-agent-configuration
dataIndex
view_index_metadata
onapm-agent-configuration
Read-only access to
apm-agent-configuration
index metadataIndex
read
onlogs-apm*
Read-only access to
logs-apm*
dataIndex
view_index_metadata
onlogs-apm*
Read-only access to
logs-apm*
index metadataIndex
read
onmetrics-apm*
Read-only access to
metrics-apm*
dataIndex
view_index_metadata
onmetrics-apm*
Read-only access to
metrics-apm*
index metadataIndex
read
ontraces-apm*
Read-only access to
traces-apm*
dataIndex
view_index_metadata
ontraces-apm*
Read-only access to
traces-apm*
index metadataType Privilege Purpose Index
read
onapm-*
Read-only access to
apm-*
dataIndex
view_index_metadata
onapm-*
Read-only access to
apm-*
index metadataUsing the deprecated APM Server binaries? Add the privileges under the Classic APM indices tab above.
-
Assign the
central-config-reader
role created in the previous step, and the following Kibana feature privileges to anyone who needs to read central configurations:Type Privilege Purpose Kibana
read
on the APM and User Experience featureAllow read access to the APM and User Experience apps
Central configuration API
editSee Create an API user.