Change how Elasticsearch runs by providing your own user settings. User settings are appended to the elasticsearch.yml configuration file for your cluster and provide custom configuration options.
Some settings that could break your cluster if set incorrectly are blacklisted, such as certain zen discovery and security settings. Review the list of settings that are generally safe in cloud environments.
To add user settings:
- Log into the Elasticsearch Service Console.
On the Deployments page, select your deployment.
Narrow your deployments by name, ID, or choose from several other filters. To customize your view, use a combination of filters, or change the format from a grid to a list.
- From your deployment menu, go to the Edit page.
- At the bottom of the first Elasticsearch node, expand the User settings overrides caret.
- Update the user settings.
- Click Save changes.
Supported Elasticsearch settings
Elasticsearch Service supports the following Elasticsearch settings:
http.cors.*- Enables cross-origin resource sharing (CORS) settings for the HTTP module.
modules-http.html- Support for compression when possible (with Accept-Encoding). Defaults to
true. repositories.url.allowed_urls- Enables whitelisting of read-only URL repositories.
reindex.remote.whitelist- Whitelists the hosts that can be reindexed from remotely. Expects a YAML array of
host:portstrings. Consists of a comma-delimited list ofhost:portentries. Defaults to["\*.io:*", "\*.com:*"]. script.painless.regex.enabled- Enables regular expressions for the Painless scripting language.
index.number_of_shards- The number of primary shards that an index should have.
action.auto_create_index- Automatically create index if it doesn’t already exist.
action.destructive_requires_name- When set to
true, users must specify the index name to delete an index. It’s not possible to delete _all or use wildcards. cluster.indices.close.enableEnables closing indices in Elasticsearch version 2.2 and later. You might enable this setting temporarily in order to change the analyzer configuration for an existing index. We strongly recommend leaving this set to
false(the default) otherwise. Closed indices are a data loss risk: closed indices are not included when you when you make cluster configuration changes, such as scaling to a different capacity, failover, and many other operations. Lastly, closed indices can lead to inaccurate disk space counts.Closed indices are a data loss risk. Enable this setting only temporarily.
- Circuit breaker settings
- The following circuit breaker settings are supported:
indices.breaker.total.limit- Configures the parent circuit breaker settings.
indices.breaker.fielddata.limit- Configures the limit for the fielddata breaker.
indices.breaker.fielddata.overhead- Configures a constant that all field data estimations are multiplied with to determine a final estimation.
indices.breaker.request.limit- Configures the limit for the request breaker.
indices.breaker.request.overhead- Configures a constant that all request estimations are multiplied by to determine a final estimation.
- X-Pack (for version 6.0 and later)
- The following X-Pack settings are supported:
xpack.watcher.encrypt_sensitive_data- Allows enabling/disabling encryption of sensitive watcher configurations. Note that it requires adding
xpack.watcher.encryption_keyon the keystore.
- SAML
- All SAML settings are whitelisted for the reserved
cloud-samlrealm name. xpack.security.authc.realms.saml.cloud-saml.*- To learn more on how to enable SAML and related user settings, see secure your clusters with SAML.
- OpenID Connect
- All OpenID Connect settings are whitelisted for the reserved
cloud-oidcrealm name. xpack.security.authc.realms.oidc.cloud-oidc.*- To learn more on how to enable OpenID Connect and related user settings, see secure your clusters with OpenID Connect.
- X-Pack (for version 5.0 and later)
The following X-Pack settings are supported:
xpack.notification.slack- Configures Slack notification settings
(up to 6.2 | 6.3 and later). Note that you need to add
secure_urlas a secret value to the keystore. xpack.notification.hipchat- Configures HipChat notification settings.
xpack.notification.pagerduty- Configures PagerDuty notification settings.
xpack.watcher.trigger.schedule.engine- Defines when the watch should start, based on date and time.
xpack.notification.email.html.sanitization.*- Enables email notification settings to sanitize HTML elements in emails that are sent.
xpack.monitoring.collection.interval- Controls how often data samples are collected.
xpack.monitoring.collection.min_interval_secondsSpecifies the minimum number of seconds that a time bucket in a chart can represent. If you modify the
xpack.monitoring.collection.interval, use the same value in this setting.Defaults to
10(10 seconds).xpack.monitoring.history.duration- Sets the retention duration beyond which the indices created by a monitoring exporter will be automatically deleted.
xpack.watcher.history.cleaner_service.enabled- Controls whether old watcher indices are automatically deleted (requires 5.6.4 or greater).
- Scripting 5.x
The following settings are supported in Elasticsearch 5.x clusters:
script.inlinescript.storedscript.filescript.allowed_typesscript.allowed_contexts
To learn more, see Allowed script types setting and Allowed script contexts setting.
- Scripting 6.x
The following settings are supported in Elasticsearch 6.x clusters:
script.allowed_typesscript.allowed_contexts
In Elasticsearch 6.0 you can encrypt sensitive data in watcher using
xpack.watcher.encrypt_sensitive_data
To learn more, see Allowed script types setting and Allowed script contexts setting.
- Watcher and Marvel (for versions before 5.0)
The following Watcher and Marvel settings are supported:
watcher.actions.slack.service- Configures Slack notification settings.
watcher.actions.hipchat.service- Configures HipChat notification settings.
watcher.actions.pagerduty.service- Configures Configures PagerDuty notification settings.
marvel.agent.interval- Controls how often data samples are collected.
watcher.trigger.schedule.engine- Defines when the watch should start, based on date and time.
- Disk-based shard allocation settings
The following disk-based allocation settings are supported:
cluster.routing.allocation.disk.threshold_enabled- Enable or disable disk allocation decider and defaults to
true. cluster.routing.allocation.disk.watermark.low- Configures disk-based shard allocation’s low watermark.
cluster.routing.allocation.disk.watermark.high- Configures disk-based shard allocation’s high watermark.
cluster.routing.allocation.disk.watermark.flood_stage- Configures disk-based shard allocation’s flood_stage (available only on 6.x and higher).
Remember to update user settings for alerts when performing a major version upgrade. For version 5.0 and later, the syntax is different when compared to earlier versions.
If a setting is not on this list, it cannot be set and will be rejected. Additional user settings might added in the future.