Cluster restore with security on - with what users..?

Hi

Elastic 7.15

My question is: when security is on and I need to restore data to a new cluster, how am I supposed to do that?
I mean, I install necessary packages, replace all the configuration files, then start the service.

But then I cannot execute any API requests to this cluster, since the new cluster has no users to begin with, each request gives me an error:

    {
      "error" : {
        "root_cause" : [
          {
            "type" : "security_exception",
            "reason" : "unable to authenticate user [elastic] for REST request [/?pretty]",
            "header" : {
              "WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
            }
          }
        ],
        "type" : "security_exception",
        "reason" : "unable to authenticate user [elastic] for REST request [/?pretty]",
        "header" : {
          "WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
        }
      },
      "status" : 401
    }

The obvious approach would be to turn security off, then start the cluster and create the specified users, but without security turned on, I cannot even see the Security tab in Kibana.

Here it states that for backup, I should use the snapshot_user role. But this is only for taking snapshots, since this user cannot modify any data in the cluster.

Back up a cluster’s data | Elasticsearch Guide [8.11] | Elastic

Regards
Raul

The general approach would be that you'd set up the new cluster, create new native realm users, then restore the data to it.

Are you looking to restore existing native realm users as well though?

The restore instructions are here.
https://www.elastic.co/guide/en/elasticsearch/reference/current/restore-security-configuration.html

The step you're looking for is this one:

Add a new user with the superuser built-in role to the file realm.
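The file-realm step named in the reply above, followed by a restore call, as an added example that is not part of the original thread or of Elastic's documentation. The user name `restore_user`, repository `my_repo`, snapshot `snapshot_1`, index pattern, `ES_HOME` path and `ES_URL` are placeholders, and the snapshot repository is assumed to be registered on the new cluster already.

```shell
#!/usr/bin/env bash
# Added example: bootstrap access to a fresh, security-enabled cluster through
# the file realm, restore from a snapshot, then remove the temporary account.
# All names, paths and URLs below are placeholders (assumptions).

ES_HOME="${ES_HOME:-/usr/share/elasticsearch}"   # assumed install path
ES_URL="${ES_URL:-http://localhost:9200}"        # assumed endpoint
DRY_RUN="${DRY_RUN:-1}"                          # 1 = print commands only

# Print the command in dry-run mode, execute it otherwise.
run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Step 1: create a superuser in the file realm. File-realm users live in
# node-local files, so they work before any native users exist.
# No -p is given, so the tool prompts and the password stays out of history.
add_restore_user() {
  run "$ES_HOME/bin/elasticsearch-users" useradd "$1" -r superuser
}

# Step 2: restore the chosen indices as that user (curl prompts for the
# password because only the user name is passed to -u).
restore_snapshot() {  # args: user repo snapshot index-pattern
  run curl -sS -u "$1" -X POST "$ES_URL/_snapshot/$2/$3/_restore" \
    -H 'Content-Type: application/json' \
    -d "{\"indices\":\"$4\",\"include_global_state\":false}"
}

# Step 3: delete the temporary superuser once real users are in place.
remove_restore_user() {
  run "$ES_HOME/bin/elasticsearch-users" userdel "$1"
}

# Prints the plan by default; run with DRY_RUN=0 on the node to execute it.
add_restore_user restore_user
restore_snapshot restore_user my_repo snapshot_1 'my-index-*'
remove_restore_user restore_user
```

Because the file realm is stored per node, the `useradd` and `userdel` steps apply to the node that will receive the REST requests.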
