APM app central config useredit
Central configuration manageredit
Central configuration users need to be able to view, create, update, and delete APM agent configurations.
-
Create a new role, named something like
central-config-manager
, and assign the following privileges:Type Privilege Purpose Index
read
onapm-agent-configuration
Read-only access to
apm-agent-configuration
dataIndex
view_index_metadata
onapm-agent-configuration
Read-only access to
apm-agent-configuration
index metadataIndex
read
onlogs-apm*
Read-only access to
logs-apm*
dataIndex
view_index_metadata
onlogs-apm*
Read-only access to
logs-apm*
index metadataIndex
read
onmetrics-apm*
Read-only access to
metrics-apm*
dataIndex
view_index_metadata
onmetrics-apm*
Read-only access to
metrics-apm*
index metadataIndex
read
ontraces-apm*
Read-only access to
traces-apm*
dataIndex
view_index_metadata
ontraces-apm*
Read-only access to
traces-apm*
index metadataType Privilege Purpose Index
read
onapm-*
Read-only access to
apm-*
dataIndex
view_index_metadata
onapm-*
Read-only access to
apm-*
index metadataUsing the deprecated APM Server binaries? Add the privileges under the Classic APM indices tab above.
-
Assign the
central-config-manager
role created in the previous step, and the following Kibana feature privileges to anyone who needs to manage central configurations:Type Privilege Purpose Kibana
All
on the APM and User Experience featureAllow full use of the APM and User Experience apps
Central configuration readeredit
In some instances, you may wish to create a user that can only read central configurations, but not create, update, or delete them.
-
Create a new role, named something like
central-config-reader
, and assign the following privileges:Type Privilege Purpose Index
read
onapm-agent-configuration
Read-only access to
apm-agent-configuration
dataIndex
view_index_metadata
onapm-agent-configuration
Read-only access to
apm-agent-configuration
index metadataIndex
read
onlogs-apm*
Read-only access to
logs-apm*
dataIndex
view_index_metadata
onlogs-apm*
Read-only access to
logs-apm*
index metadataIndex
read
onmetrics-apm*
Read-only access to
metrics-apm*
dataIndex
view_index_metadata
onmetrics-apm*
Read-only access to
metrics-apm*
index metadataIndex
read
ontraces-apm*
Read-only access to
traces-apm*
dataIndex
view_index_metadata
ontraces-apm*
Read-only access to
traces-apm*
index metadataType Privilege Purpose Index
read
onapm-*
Read-only access to
apm-*
dataIndex
view_index_metadata
onapm-*
Read-only access to
apm-*
index metadataUsing the deprecated APM Server binaries? Add the privileges under the Classic APM indices tab above.
-
Assign the
central-config-reader
role created in the previous step, and the following Kibana feature privileges to anyone who needs to read central configurations:Type Privilege Purpose Kibana
read
on the APM and User Experience featureAllow read access to the APM and User Experience apps
Central configuration APIedit
See Create an API user.