Securing "elastic" user with ReadonlyRest

(João M Da Silva) #1

Hi all!

Just a very basic question: is it possible to define a password for the default “elastic” user with ReadonlyRest?

And if yes, how would one have to configure elasticsearch.yml? Would it be something like:


    - username: elastic
    auth:key: elastic:elasticpasswd



(Simone Scarduzio) #2

You can protect the whole Elasticsearh REST API with a single HTTP Basic Auth login with a single rule, yes.

    # audit_collector: true    
    - name: "Global Access"
      auth_key: "elastic:changeme"
      verbosity: "error"

The verbosity rule is to only log requests with bad credentials.
Optionally, you can enable the audit collector to log malicious requests into an index, so you can make graphs in Kibana.
Remember though that this is a very weak solution, until you also use SSL, which conveniently, ROR supports.

(João M Da Silva) #3

That’s very nice Simone, I’ll try it out :sunglasses: