IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Create agent key
editCreate agent key
editCreate an APM agent API key. Specify API key privileges in the request body at creation time.
Privileges
editThe user creating an APM agent API key must have at least the manage_own_api_key
cluster privilege
and the APM application-level privileges that it wishes to grant.
The example below uses the Kibana role management API to create a role named apm_agent_key_user
.
Create and assign this role to a user that wishes to create APM agent API keys.
POST /_security/role/apm_agent_key_user { "cluster": ["manage_own_api_key"], "applications": [ { "application": "kibana-.kibana", "privileges": ["feature_apm.all"], "resources": ["*"] }, { "application": "apm", "privileges": ["event:write", "config_agent:read"], "resources": ["*"] } ] }
Request
editPOST /api/apm/agent_keys
Request body
edit-
name
- (required, string) Name of the APM agent key.
-
privileges
-
(required, array) APM agent key privileges. It can take one or more of the following values:
-
event:write
. Required for ingesting APM agent events. -
config_agent:read
. Required for APM agents to read agent configuration remotely.
-
Example
editPOST /api/apm/agent_keys { "name": "apm-key", "privileges": ["event:write", "config_agent:read"] }
Response body
edit{ "agentKey": { "id": "3DCLmn0B3ZMhLUa7WBG9", "name": "apm-key", "api_key": "PjGloCGOTzaZr8ilUPvkjA", "encoded": "M0RDTG1uMEIzWk1oTFVhN1dCRzk6UGpHbG9DR09UemFacjhpbFVQdmtqQQ==" } }
Once created, you can copy the API key (Base64 encoded) and use it to to authorize requests from APM agents to the APM Server.