Grant privileges and roles needed for APM Agent central configurationedit
APM Server agent central configuration managementedit
APM Server acts as a proxy between your APM agents and the APM app. The APM app communicates any changed settings to APM Server so that your agents only need to poll the Server to determine which central configuration settings have changed.
To grant an APM Server user with the required privileges for managing central configuration in Elasticsearch without Kibana, assign the user the following privileges:
| Type | Privilege | Purpose |
|---|---|---|
Index |
|
Allow APM Server to manage central configurations in Elasticsearch |
The above privileges should be sufficient for APM agent central configuration to work properly as long as APM Server communicates with Elasticsearch successfully. If it fails, it may fallback to read agent central configuration via Kibana if configured, which requires the following privileges:
| Type | Privilege | Purpose |
|---|---|---|
Spaces |
|
Allow APM Server to manage central configurations via the APM app |
Looking for privileges and roles needed to use central configuration from the APM app or APM app API? See APM app central configuration user.