Setup role

edit

Administrators who set up Synthetics typically need to enable Monitor Management.

Enabling Monitor Management is an admin-level task that requires extra privileges and must be completed just once by an admin before any users with the Writer role can create synthetic monitors. This applies to monitors created via both projects and the UI.

Synthetics app in Kibana on the Management tab before Monitor Management is enabled

As a best practice, grant the setup role to administrators only, and use a more restrictive role for event publishing.

Create a setup role, called something like synthetics_setup:

  1. Start with the editor built-in role. This role grants full access to all features in Kibana (including the Observability solution) and read-only access to data indices.

    The editor built-in role will grant write access to all Kibana apps. If you want to limit write access to the Synthetics app only, refer to Limited write access.

    If you choose this approach, you will still need to grant the privileges in the next step.

  2. Grant the role additional privileges that are required to enable Monitor Management:

    1. Grant all of the following privileges:

      Type Privilege Purpose

      Cluster

      monitor

      Allows the user to retrieve cluster details.

      Cluster

      read_ilm

      Allows the user access to all read-only index lifecycle management operations.

      Cluster

      read_pipeline

      Gives the user read-only access to the ingest pipline.

      Index

      synthetics-*: view_index_metadata

      Gives the user read-only access to index and data stream metadata.

      Index

      synthetics-*: create_doc

      Allows the user to index documents.

      Index

      synthetics-*: auto_configure

      Permits auto-creation of indices and data streams.

    2. Grant at least one of following privileges:

      Type Privilege Purpose

      Cluster

      manage_security

      Allows access to all security-related operations such as CRUD operations on users and roles and cache clearing.

      Cluster

      manage_api_key

      Allows access to all security-related operations on Elasticsearch API keys.