kibana/docs/uptime-guide/security.asciidoc

[[uptime-security]]
== Elasticsearch Security

If you use Elasticsearch security, you'll need to enable certain privileges for users 
that would like to access the Uptime app. Below is an example of creating 
a user and support role to implement those privileges.

[float]
=== Create a role

You'll need a role that lets you access the Heartbeat indices, which by default are `heartbeat-*`.
You can create this with the following request:

["source","sh",subs="attributes,callouts"]
---------------------------------------------------------------
PUT /_security/role/uptime
{ "indices" : [
    {
      "names" : [
        "heartbeat-*"
      ],
      "privileges" : [
        "read",
        "view_index_metadata"
      ],
      "field_security" : {
        "grant" : [
          "*"
        ]
      },
      "allow_restricted_indices" : false
    }
  ],
  "transient_metadata" : {
    "enabled" : true
  }
}
---------------------------------------------------------------
// CONSOLE

[float]
=== Assign the role to a user

Next, you'll need to create a user with both the `uptime` role, and another role with sufficient {kibana-ref}/kibana-privileges.html[Kibana privileges],
such as the `kibana_user` role.
You can do this with the following request:

["source","sh",subs="attributes,callouts"]
---------------------------------------------------------------
PUT /_security/user/jacknich
{
  "password" : "j@rV1s",
  "roles" : [ "uptime", "kibana_user" ],
  "full_name" : "Jack Nicholson",
  "email" : "jacknich@example.com",
  "metadata" : {
    "intelligence" : 7
  }
}
---------------------------------------------------------------
// CONSOLE