Enable security in Elasticsearch
editEnable security in Elasticsearch
editWhen you use the trial license, X-Pack security is disabled by default. To enable it:
-
Stop Kibana. The method for starting and stopping Kibana varies depending on
how you installed it. For example, if you installed Kibana from an archive
distribution (
.tar.gzor.zip), stop it by enteringCtrl-Con the command line. See Starting and stopping Kibana. -
Stop Elasticsearch. For example, if you installed Elasticsearch from an archive distribution,
enter
Ctrl-Con the command line. See Stopping Elasticsearch. -
Add the
xpack.security.enabledsetting to theES_PATH_CONF/elasticsearch.ymlfile.The
ES_PATH_CONFenvironment variable contains the path for the Elasticsearch configuration files. If you installed Elasticsearch using archive distributions (ziportar.gz), it defaults toES_HOME/config. If you used package distributions (Debian or RPM), it defaults to/etc/elasticsearch. For more information, see Configuring Elasticsearch.For example, add the following setting:
xpack.security.enabled: true
If you have a basic or trial license, the default value for this setting is
false. If you have a gold or higher license, the default value istrue. Therefore, it is a good idea to explicitly add this setting to avoid confusion about whether X-Pack security is enabled.
When you enable X-Pack security, basic authentication is enabled by default. To communicate with the cluster, you must specify a username and password. Unless you enable anonymous access, all requests that don’t include a user name and password are rejected.
This tutorial involves a single node cluster, but if you had multiple nodes, you would enable X-Pack security on every node in the cluster and configure Transport Layer Security (TLS) for internode-communication, which is beyond the scope of this tutorial.