Configure service-level objective (SLO) access

edit

Configure service-level objective (SLO) access

edit

To create and manage SLOs, you need an appropriate license.

You can create the following roles for your SLOs:

  • SLO All — Create, edit, and manage SLOs and their historical summaries.
  • SLO Read — See SLOs and their historical summaries.

To create a role:

  1. From the left navigation in Kibana, under Management select Stack Management.
  2. Under Security, select Roles.
  3. Click Create role in the upper-right corner of the page.

Create an SLO All role

edit

Set the following privileges for the SLO All role:

  1. Under Cluster privileges in the Elasticsearch section, add manage_transform and manage_ingest_pipelines.
  2. Under Index privileges, add .slo-* to the Indices field and all to the Privileges field.
  3. Click Add index privilege.
  4. Add indices you plan to create SLOs for to the Indices field, and add read and view_index_metadata to the Privileges field. The following example shows logs-*, but you can specify any indices.

    Cluster and index privileges for SLO All role
  5. In the Kibana section, click Add Kibana privilege.
  6. From the Spaces dropdown, either select any specific spaces you want the role to apply to, or select All Spaces.
  7. Set Observability → SLOs to All.

    SLO Kibana all privileges

Create an SLO Read role

edit

Set the following privileges for the SLO Read role:

  1. Under Index privileges in the Elasticsearch section, add .slo-* to the Indices field and read to the Privileges field.

    Index privileges for SLO Read role
  2. In the Kibana section, click Add Kibana privilege.
  3. From the Spaces dropdown, either select any specific spaces you want the role to apply to, or select All Spaces.
  4. Set Observability → SLOs to Read.

    SLO Kibana read privileges