Granting users access to APM Server indices
editGranting users access to APM Server indices
editTo enable users to access the indices a APM Server creates, grant them read
and view_index_metadata
privileges on the APM Server indices:
-
Create a role that has the
read
andview_index_metadata
privileges for the APM Server indices. You can create roles from the Management > Roles UI in Kibana or through therole
API. For example, the following request creates aapm_reader
role: -
Assign your users the reader role so they can access the APM Server indices:
-
If you’re using the
native
realm, you can assign roles with the Management > Users UI in Kibana or through theuser
API. For example, the following request grantsapm_user
theapm_reader
role:POST /_xpack/security/user/apm_user { "password" : "x-pack-test-password", "roles" : [ "apm_reader"], "full_name" : "APM Server User" }
-
If you’re using the LDAP, Active Directory, or PKI realms, you assign the roles in the
role_mapping.yml
configuration file. For example, the following snippet grantsAPM Server User
theapm_reader
role:apm_reader: - "cn=APM Server User,dc=example,dc=com"
For more information, see Using Role Mapping Files.
-