61 lines
1.6 KiB
Plaintext
61 lines
1.6 KiB
Plaintext
[[uptime-security]]
|
|
== Elasticsearch Security
|
|
|
|
If you use Elasticsearch security, you'll need to enable certain privileges for users
|
|
that would like to access the Uptime app. For example, create user and support roles to implement the privileges:
|
|
|
|
[float]
|
|
=== Create a role
|
|
|
|
You'll need a role that lets you access the Heartbeat indices, which by default are `heartbeat-*`.
|
|
You can create this with the following request:
|
|
|
|
["source","sh",subs="attributes,callouts"]
|
|
---------------------------------------------------------------
|
|
PUT /_security/role/uptime
|
|
{ "indices" : [
|
|
{
|
|
"names" : [
|
|
"heartbeat-*"
|
|
],
|
|
"privileges" : [
|
|
"read",
|
|
"view_index_metadata"
|
|
],
|
|
"field_security" : {
|
|
"grant" : [
|
|
"*"
|
|
]
|
|
},
|
|
"allow_restricted_indices" : false
|
|
}
|
|
],
|
|
"transient_metadata" : {
|
|
"enabled" : true
|
|
}
|
|
}
|
|
---------------------------------------------------------------
|
|
// CONSOLE
|
|
|
|
[float]
|
|
=== Assign the role to a user
|
|
|
|
Next, you'll need to create a user with both the `uptime` role, and another role with sufficient {kibana-ref}/kibana-privileges.html[Kibana privileges],
|
|
such as the `kibana_admin` role.
|
|
You can do this with the following request:
|
|
|
|
["source","sh",subs="attributes,callouts"]
|
|
---------------------------------------------------------------
|
|
PUT /_security/user/jacknich
|
|
{
|
|
"password" : "j@rV1s",
|
|
"roles" : [ "uptime", "kibana_admin" ],
|
|
"full_name" : "Jack Nicholson",
|
|
"email" : "jacknich@example.com",
|
|
"metadata" : {
|
|
"intelligence" : 7
|
|
}
|
|
}
|
|
---------------------------------------------------------------
|
|
// CONSOLE
|