I set up a cluster by using Elastic Cloud on Kubernetes.
I want t provide our predefined custom users / roles as well as predefined credentials for the
Setup the password for the
elastic user by providing the
<clustername>-es-elastic-user secret works.
For our custom users I provide secrets for my roles, users and users_roles relations as described in Users and roles | Elastic Cloud on Kubernetes [1.2] | Elastic .
The credentials for the users I've created as described in the linked documentation with the
I just get a HTTP 401 when I try to communicate with the cluster and the API shows no custom users / roles. So no users or roles are created at cluster startup
My cluster-setup is very basic yet. The nodeset contains just one node without any specification similar to the "quickstart" example. Do I need more configuration for getting the usermanagement working? (We currently run version 1.2.1 of the eck operator.)
apiVersion: elasticsearch.k8s.elastic.co/v1 kind: Elasticsearch metadata: name: mycluster spec: version: 7.9.1 auth: # define our custom roles here roles: - secretname: mycluster-roles # define our users here fileRealm: - secretname: mycluster-users - secretname: mycluster-users-roles [...]
kind: Secret apiVersion: v1 metadata: name: mycluster-roles namespace: my-namspace stringData: roles.yml: |- my-role: run_as:  cluster: [ 'monitor' ] [...]
apiVersion: v1 kind: Secret metadata: name: mycluster-users namespace: my-namspace stringData: users: |- my-user1:<clear text password | brypted password - does no matter> my-user2:<clear text password | brypted password - does no matter> my-user3:<clear text password | brypted password - does no matter>