Enable security in Elasticsearch
editEnable security in Elasticsearch
editWhen you use the trial license, X-Pack security is disabled by default. To enable it:
-
Stop Kibana. The method for starting and stopping Kibana varies depending on
how you installed it. For example, if you installed Kibana from an archive
distribution (
.tar.gz
or.zip
), stop it by enteringCtrl-C
on the command line. See Starting and stopping Kibana. -
Stop Elasticsearch. For example, if you installed Elasticsearch from an archive distribution,
enter
Ctrl-C
on the command line. See Stopping Elasticsearch. -
Add the
xpack.security.enabled
setting to theES_PATH_CONF/elasticsearch.yml
file.The
ES_PATH_CONF
environment variable contains the path for the Elasticsearch configuration files. If you installed Elasticsearch using archive distributions (zip
ortar.gz
), it defaults toES_HOME/config
. If you used package distributions (Debian or RPM), it defaults to/etc/elasticsearch
. For more information, see Configuring Elasticsearch.For example, add the following setting:
xpack.security.enabled: true
If you have a basic or trial license, the default value for this setting is
false
. If you have a gold or higher license, the default value istrue
. Therefore, it is a good idea to explicitly add this setting to avoid confusion about whether X-Pack security is enabled.
When you enable X-Pack security, basic authentication is enabled by default. To communicate with the cluster, you must specify a username and password. Unless you enable anonymous access, all requests that don’t include a user name and password are rejected.
This tutorial involves a single node cluster, but if you had multiple nodes, you would enable X-Pack security on every node in the cluster and configure Transport Layer Security (TLS) for internode-communication, which is beyond the scope of this tutorial.