Grant privileges and roles needed for APM Agent central configuration
editGrant privileges and roles needed for APM Agent central configuration
editAPM Server agent central configuration management
editAPM Server acts as a proxy between your APM agents and the APM UI. The APM UI communicates any changed settings to APM Server so that your agents only need to poll the Server to determine which central configuration settings have changed.
To grant an APM Server user with the required privileges for managing central configuration in Elasticsearch without Kibana, assign the user the following privileges:
| Type | Privilege | Purpose |
|---|---|---|
Index |
|
Allow APM Server to manage central configurations in Elasticsearch |
The above privileges should be sufficient for APM agent central configuration to work properly as long as APM Server communicates with Elasticsearch successfully. If it fails, it may fallback to read agent central configuration via Kibana if configured, which requires the following privileges:
| Type | Privilege | Purpose |
|---|---|---|
Spaces |
|
Allow APM Server to manage central configurations via the APM UI |
Looking for privileges and roles needed to use central configuration from the APM UI or APM UI API? See APM UI central configuration user.