Create new or obtain default private-api-key

Is it possible to automate creation of API Keys (private and search) without needing to do manually steps in Enterprise Search / App Search UI first?

We have 4 environments and treats infrastructure and platforms-as-a-code. Currently it seems like it is not possible to define the key of default created private-api-key, nor create new ones by configuration of Enterprise Search. Wich makes us need to manually go into Apps Search UI, and create new keys.

Any idea how we can automate configuration of API Keys, so we can avoid manual use of App Search UO

Im deploying ECK 1.3 and Elastic Stack v7.10.0 on Kubernetes

Hi ismarslomic :wave:

This documentation page shows how to create new API keys, but I feel that's not what you're asking?

You want to be able to define an API key that Enterprise Search is "born" with out of your Kubernetes code?

You are correct! I have described what I really want in an duplicate post (sorry for that) here: Create custom API Key for Enterprise Search/App Search in ECK through Kubernetes resource . I would like to configure my API Keys as part of the Kubernetes resource spec, similar to configuring Elasticsearch Users by using Elasticsearch File Realm.

@ismarslomic There's no way to define API Keys in advance, they must be generated with the API.

This is a little tricky to script currently, as the credentials API requires an admin key, which can only currently be created via the UI. However, starting in 7.11 we will support Basic Auth in our APIs which will makes this possible.

1 Like

Thanks @JasonStoltz! It would be even better if you could add support for managing API Keys with use of Kubernetes secrets, such as you already do for elasticsearch users. We strive to follow the GitOps principles for our infrastructure, platform, external tools and internal applications. And currently we have to do manual steps specifically for our elastic stack, which is kind of sad. :slight_smile:

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.