diff --git a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc index f720bb8232..15f5637721 100644 --- a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc +++ b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc @@ -1055,7 +1055,7 @@ content into your application; rather pick only the properties that you need. management.context-path= # Management endpoint context-path. For instance `/actuator` management.port= # Management endpoint HTTP port. Uses the same port as the application by default. Configure a different port to use management-specific SSL. management.security.enabled=true # Enable security. - management.security.roles=ADMIN # Comma-separated list of roles that can access the management endpoint. + management.security.roles=ACTUATOR # Comma-separated list of roles that can access the management endpoint. management.security.sessions=stateless # Session creating policy to use (always, never, if_required, stateless). management.ssl.ciphers= # Supported SSL ciphers. Requires a custom management.port. management.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store. Requires a custom management.port. diff --git a/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc b/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc index 2082ce254e..849a144437 100644 --- a/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc +++ b/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc @@ -2684,7 +2684,7 @@ If the Actuator is also in use, you will find: * The management endpoints are secure even if the application endpoints are insecure. * Security events are transformed into `AuditEvents` and published to the `AuditService`. -* The default user will have the `ADMIN` role as well as the `USER` role. +* The default user will have the `ACTUATOR` role as well as the `USER` role. The Actuator security features can be modified using external properties (`+management.security.*+`). To override the application access rules