Applications UI central config user
editApplications UI central config user
editCentral configuration users need to be able to view, create, update, and delete APM agent configurations.
-
Create a new role, named something like
central-config-manager
, and assign the following privileges:Type Privilege Purpose Index
read
onapm-agent-configuration
Read-only access to
apm-agent-configuration
dataIndex
view_index_metadata
onapm-agent-configuration
Read-only access to
apm-agent-configuration
index metadataIndex
read
onlogs-apm*
Read-only access to
logs-apm*
dataIndex
view_index_metadata
onlogs-apm*
Read-only access to
logs-apm*
index metadataIndex
read
onmetrics-apm*
Read-only access to
metrics-apm*
dataIndex
view_index_metadata
onmetrics-apm*
Read-only access to
metrics-apm*
index metadataIndex
read
ontraces-apm*
Read-only access to
traces-apm*
dataIndex
view_index_metadata
ontraces-apm*
Read-only access to
traces-apm*
index metadataType Privilege Purpose Index
read
onapm-*
Read-only access to
apm-*
dataIndex
view_index_metadata
onapm-*
Read-only access to
apm-*
index metadataUsing the deprecated APM Server binaries? Add the privileges under the Classic APM indices tab above.
-
Assign the
central-config-manager
role created in the previous step, and the following Kibana feature privileges to anyone who needs to manage central configurations:Type Privilege Purpose Kibana
All
on the APM and User Experience featureAllow full use of the Applications and User Experience UIs
In some instances, you may wish to create a user that can only read central configurations, but not create, update, or delete them.
-
Create a new role, named something like
central-config-reader
, and assign the following privileges:Type Privilege Purpose Index
read
onapm-agent-configuration
Read-only access to
apm-agent-configuration
dataIndex
view_index_metadata
onapm-agent-configuration
Read-only access to
apm-agent-configuration
index metadataIndex
read
onlogs-apm*
Read-only access to
logs-apm*
dataIndex
view_index_metadata
onlogs-apm*
Read-only access to
logs-apm*
index metadataIndex
read
onmetrics-apm*
Read-only access to
metrics-apm*
dataIndex
view_index_metadata
onmetrics-apm*
Read-only access to
metrics-apm*
index metadataIndex
read
ontraces-apm*
Read-only access to
traces-apm*
dataIndex
view_index_metadata
ontraces-apm*
Read-only access to
traces-apm*
index metadataType Privilege Purpose Index
read
onapm-*
Read-only access to
apm-*
dataIndex
view_index_metadata
onapm-*
Read-only access to
apm-*
index metadataUsing the deprecated APM Server binaries? Add the privileges under the Classic APM indices tab above.
-
Assign the
central-config-reader
role created in the previous step, and the following Kibana feature privileges to anyone who needs to read central configurations:Type Privilege Purpose Kibana
read
on the APM and User Experience featureAllow read access to the Applications and User Experience UIs
See Create an API user.