What you need is to define a superuser with elasticsearch-users
CLI. Then use that newly created user to call ChangePassword API to change password for the elastic
user.
As @warkolm mentioned, you could use elasticsearch-reset-password
if you are on version 8.x, which basically automates the above process for you (it also deletes the newly created user after the password change is completed).