IMPORTANT: Version 6.6 of Elasticsearch has passed its maintenance date.
This documentation is no longer being updated. For the latest information, see the current release documentation.
You can manage and authenticate users with the built-in
file realm, users are defined in local files on each node in the cluster.
As the administrator of the cluster, it is your responsibility to ensure the same users are defined on every node in the cluster. X-Pack security does not deliver any mechanism to guarantee this.
file realm is primarily supported to serve as a fallback/recovery realm. It
is mostly useful in situations where all users locked themselves out of the system
(no one remembers their username/password). In this type of scenarios, the
realm is your only way out - you can define a new
admin user in the
and use it to log in and reset the credentials of all other users.
When you configure realms in
elasticsearch.yml, only the
realms you specify are used for authentication. To use the
file realm as a fallback, you must include it in the realm chain.
To define users, X-Pack security provides the users command-line tool. This tool enables you to add and remove users, assign user roles, and manage user passwords.
For more information, see Configuring a file realm.