Can I set built-in users passwords in elasticsearch-keystore?

Elastic Stack Elasticsearch
1

Hi,

Is it possible to set built-in user passwords in elasticsearch-keystore before ES starts up?
I know one can set the bootstrap.password in the keystore but what about passwords for elastic, kibana and other built-ins?

The Elastic Kubernetes Helm Chart seems to be doing the above here:

  1. Creates a secret with elastic user credentials
    https://github.com/elastic/helm-charts/blob/master/elasticsearch/examples/config/Makefile
  2. Adds it to the keystore
    https://github.com/elastic/helm-charts/blob/1ad3826f26b4375b8935956d462f8777bd3c78a4/elasticsearch/templates/statefulset.yaml#L155

I am not sure what keys and values are added there exactly, though.

My ElasticSearch version is 6.8.1

--
Thanks in advance

2

Hi,

As you have read in our docs you can only set bootstrap.password in the elasticsearch keystore and this password only applies to the elastic user. Now that you can authenticate as elastic with the value of bootstrap.password as the password, you can use the change passwords API to set the password for the rest of the built-in users.

Hope this helps!

3

Thank you for your response.
Yeah, I looked through the docs, but I just thought I might have missed something obvious. I have used the approach you described now.

Kind regards.

4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.