【ElasticSearch】ES 7 用户名密码设置

一、开启密码验证

1、修改elasticsearch.yml文件,重启ES
#允许head插件等访问的相关设置
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
http.cors.allow-credentials: true
#是否启用es的安全设置,启用安全设置后es各节点、客户端的传输都会加密,并需要账号密码
xpack.security.enabled: true
#此项不可更改,当启用安全设置后,此项必须为true
xpack.security.transport.ssl.enabled: true
2、设置默认用户密码
./bin/elasticsearch-setup-passwords interactive
[elsearch@HN-82 bin]$ ./elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y
Enter password for [elastic]: 
Enter password for [elastic]: 
Reenter password for [elastic]: 
Enter password for [apm_system]: 
Reenter password for [apm_system]: 
Enter password for [kibana]: 
Reenter password for [kibana]: 
Enter password for [logstash_system]: 
Reenter password for [logstash_system]: 
Enter password for [beats_system]: 
Reenter password for [beats_system]: 
Enter password for [remote_monitoring_user]: 
Reenter password for [remote_monitoring_user]: 
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]
3、使用postman查询ES中所有用户信息。

【ElasticSearch】ES 7 用户名密码设置

注意:postman请求时,选择【Authorization】->【Basic Auth】,添加ES的用户名密码后,就能访问设置用户名密码的ES了。

二、添加新用户以及修改密码

Request edit

POST /_security/user/<username>
PUT /_security/user/<username>
{
  "password" : "1234",
  "roles" : [ "superuser" ],
  "full_name" : "elastic-test",
  "metadata" : {
    "intelligence":7
  }
}

Requestedit

POST /_security/user/_password
POST /_security/user/<username>/_password
POST /_security/user/elastic-test/_password
{
  "password" : "43221"
}

三、忘记密码如何重置

1、修改elasticsearch.yml文件,重启ES
#是否启用es的安全设置,启用安全设置后es各节点、客户端的传输都会加密,并需要账号密码
xpack.security.enabled: false
2、删除 ES中.security-*的索引
curl -XDELETE localhost:9001/.security-6
{"acknowledged":true}
3、参考设置密码[一、开启密码验证]
上一篇:JavaCV的摄像头实战之一:基础


下一篇:Aix 6.1 下安装 hacmp 6.1