Grant users access to secured resources

Serverless Stack

Elastic Stack

Typically you need to create the following separate roles:

Setup role for enabling Monitor Management.
Writer role for creating, modifying, and deleting monitors.
Reader role for Kibana users who need to view and create visualizations that access Synthetics data.

Elasticsearch security features provides built-in roles that grant a subset of the privileges needed by Synthetics users. When possible, assign users the built-in roles to minimize the affect of future changes on your security strategy. If no built-in role is available, you can assign users the privileges needed to accomplish a specific task.

In general, you'll work with the following privilege types:

Elasticsearch cluster privileges: Manage the actions a user can perform against your cluster.
Elasticsearch index privileges: Control access to the data in specific indices your cluster.
Kibana space privileges: Grant users write or read access to features and apps within Kibana.

Serverless

Viewer:
- View and create visualizations that access Synthetics data.
Editor:
- Create, modify, and delete monitors.
- View and create visualizations that access Synthetics data.
Admin:
- Full access to project management, properties, and security privileges.
- Create, modify, and delete monitors.
- View and create visualizations that access Synthetics data.

Read more about user roles in Assign user roles and privileges.