Is it possible to delete security index and then create it automatically on restart of Elasticsearch

x pack is enabled and now I want to delete security index.
Then will it be automatically created on restart of Elasticsearch and will all the built users be created?

What are you trying to achieve by doing this?

Which version of Elasticsearch are you using?

If you remove the security index i believe all security configuration, including users and roles, will be deleted and it will be difficult to get the cluster up and running again.

Elastic version - 8.5.2
I want to clear all the data of security index
I have a user and I forgot the password of that user who is a superuser and manages my application data.
Is there any way to reset the password without providing old credentials.

Or If I use elastic user, I want to change its password via API
without providing previous credentials

I do not know for sure, but it sounds like the behavoiur you are asking for would be a potential security vulnerability.

Hmm.. It can be a security vulnerability
Can we use anonymous access to change password without credentials
Enabling anonymous access | Elasticsearch Guide [8.5] | Elastic

If anyone could log in and change passwords through anonymous access there would not be much point in having secured the cluster in the first place, would it?

Yeah.. that's true

2 Likes

Thank you for the information .. This works with the batch files. But I think via API we cannot do that

Hi @smiley_tamy Correct, You can not reset the password of any of the built-in users via the API only via the command line tools.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.