When deploying an Elastic Stack application, the operator generates a set of credentials essential for the operation of that application. For example, these generated credentials include the default
elastic user for Elasticsearch and the security token for APM Server.
To list all auto-generated credentials in a namespace, run the following command:
kubectl get secret -l eck.k8s.elastic.co/credentials=true
You can force the auto-generated credentials to be regenerated with new values by deleting the appropriate Secret. For example, to change the password for the
elastic user from the quickstart example, use the following command:
kubectl delete secret quickstart-es-elastic-user
If you are using the
elastic user credentials in your own applications, they will fail to connect to Elasticsearch and Kibana after the above step. It is not recommended to use
elastic user credentials for production use cases. Always create your own users with restricted roles to access Elasticsearch.
To regenerate all auto-generated credentials in a namespace, run the following command:
kubectl delete secret -l eck.k8s.elastic.co/credentials=true
The above command regenerates auto-generated credentials of all Elastic Stack applications in the namespace.