Security roles

If you use the Security plugin alongside alerting, you might want to limit certain users to certain permissions. For example, you might want some users to only be able to view and acknowledge alerts, while others can create monitors and destinations. This page contains some sample roles for common use cases.

Mix and match these roles to give users the permissions they need to use the alerting feature.

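Monitors run as the admin user, which means that monitors can query all documents in all indices and do not consider the roles of the user who created the monitor. Keep this in mind when working with sensitive data: a monitor's queries are not restricted by its creator's roles, so treat permission to create or update monitors as access to whatever those monitors can query.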

View and acknowledge alerts

  1. In Kibana, choose Security, Roles.
  2. Create a new security role named alerting_alerts.
  3. In the Index Permissions tab, choose Add new index and document type.
  4. Specify the .opendistro-alerting-alerts index and * document type and Save.
  5. Choose the CRUD action group and Save role definition.
  6. Choose Role Mappings.
  7. Map the alerting_alerts role (the role created in step 2) to the desired users or backend roles.

Create, update, and delete monitors and destinations

  1. In Kibana, choose Security, Roles.
  2. Create a new security role named alerting_monitors.
  3. In the Index Permissions tab, choose Add new index and document type.
  4. Specify the .opendistro-alerting-config index and * document type and Save.
  5. Choose the CRUD action group and Save role definition.
  6. Choose Role Mappings.
  7. Map the alerting_monitors role to the desired users or backend roles.

Read-only

  1. In Kibana, choose Security, Roles.
  2. Create a new security role named alerting_read_only.
  3. In the Index Permissions tab, choose Add new index and document type.
  4. Specify the .opendistro-alerting-alerts index and * document type and Save.
  5. Choose the READ action group and Add new index and document type.
  6. Specify the .opendistro-alerting-config index and * document type and Save.
  7. Choose the READ action group and Save role definition.
  8. Choose Role Mappings.
  9. Map the alerting_read_only role to the desired users or backend roles.
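
The following added example (not part of the original page and not the Security plugin's own code) models the three sample roles as data, computes what a user ends up with when roles are mixed and matched, and lists the users who can author monitors and therefore reach data through the admin-run monitor. The dictionary layout, user names, sample mapping and function names are assumptions made for illustration; they are not the plugin's configuration format or API.

```python
# Added example: models the three sample roles as data and audits a mapping.
# The dict layout, user names and function names are assumptions, not the
# Security plugin's own configuration format or API.
ALERTS = ".opendistro-alerting-alerts"
CONFIG = ".opendistro-alerting-config"

# role -> index -> document type -> action groups, following the steps above
ROLES = {
    "alerting_alerts":    {ALERTS: {"*": ["CRUD"]}},
    "alerting_monitors":  {CONFIG: {"*": ["CRUD"]}},
    "alerting_read_only": {ALERTS: {"*": ["READ"]}, CONFIG: {"*": ["READ"]}},
}

# Constructed sample mapping (role -> users); alerting_acknowledge has no definition.
ROLE_MAPPINGS = {
    "alerting_read_only": ["dana", "lee"],
    "alerting_alerts": ["lee"],
    "alerting_monitors": ["sam"],
    "alerting_acknowledge": ["kim"],
}

def undefined_roles(roles, mappings):
    """Mapped role names that have no role definition; flag these for review."""
    return sorted(set(mappings) - set(roles))

def effective_permissions(user, roles, mappings):
    """Union of action groups per index across every defined role the user holds."""
    perms = {}
    for role, users in mappings.items():
        if user not in users or role not in roles:
            continue
        for index, doc_types in roles[role].items():
            for groups in doc_types.values():
                perms.setdefault(index, set()).update(groups)
    return perms

def monitor_authors(roles, mappings):
    """Users holding CRUD on the config index. Monitors run as admin, so a
    monitor these users create is not limited by their own roles."""
    users = {u for members in mappings.values() for u in members}
    return sorted(u for u in users
                  if "CRUD" in effective_permissions(u, roles, mappings).get(CONFIG, set()))

if __name__ == "__main__":
    print("undefined:", undefined_roles(ROLES, ROLE_MAPPINGS))
    for u in ("dana", "lee", "sam", "kim"):
        print(u, effective_permissions(u, ROLES, ROLE_MAPPINGS))
    print("monitor authors to review:", monitor_authors(ROLES, ROLE_MAPPINGS))
```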