- Legacy APM Server Reference:
- Overview
- Getting Started With APM Server
- Setting up APM Server
- Upgrading APM Server
- Configuring APM Server
- General configuration options
- Configure the output
- Parse data using ingest node pipelines
- Specify SSL settings
- Load the Elasticsearch index template
- Manual index lifecycle management
- Configure logging
- Set up Real User Monitoring (RUM) support
- Use environment variables in the configuration
- Set up project paths
- Securing APM Server
- Monitoring APM Server
- Real User Monitoring (RUM)
- Tune Data Ingestion
- Storage Management
- Intake API
- Exploring data in Elasticsearch
- Exported fields
- Troubleshooting
- Release notes
Grant users access to APM Server indicesedit
To enable users to access the indices APM Server creates, grant them read
and view_index_metadata privileges on the APM Server indices. If they’re
using Kibana, they also need the kibana_user role.
X-Pack security provides a built-in role called apm_user that you can explicitly assign to users.
This role grants them the necessary read and view_index_metadata privileges on the APM Server indices.
-
Assign your users the
apm_userrole so they can access the APM Server indices. For Kibana users who need to visualize the data, also assign thekibana_userrole:-
If you’re using the
nativerealm, you can assign roles with the Management > Users UI in Kibana or through theuserAPI. For example, the following request grantsapm_accounttheapm_userandkibana_userroles:POST /_security/user/apm_account { "password" : "YOUR_PASSWORD", "roles" : [ "apm_user","kibana_user"], "full_name" : "APM Server account" }
-
If you’re using the LDAP, Active Directory, or PKI realms, you assign the roles in the
role_mapping.ymlconfiguration file. For example, the following snippet grantsapm_accounttheapm_userandkibana_userroles:apm_user: - "cn=apm_account,dc=example,dc=com" kibana_user: - "cn=apm_account,dc=example,dc=com"
For more information, see Using Role Mapping Files.
-