Elastic Search

Elasticsearch-users Command

2 years ago
by John Otieno
The elasticsearch-users command allows you to add or remove users using file-based authentication in the Elasticsearch cluster. It also allows you to manage user roles and passwords per node. This post explores the various use cases of the elasticsearch-users command.

Command Location

The elasticsearch-users command is located in the bin directory of the elasticsearch install directory:

install_dir/bin/elasticsearch-users

Keep in mind that this may vary depending on the installation method and the environment in which you are accessing your cluster.

Command Syntax

The elasticsearch-users command follows a relatively simple syntax as shown:

Option Description

—— ———–

-E <KeyValuePair> Configure a setting

-h, –help Show help

-s, –silent Show minimal output

-v, –verbose Show verbose output

Elasticsearch-Users Sub Commands

The elasticsearch-users command supports various subcommands allowing you to add and remove users, manage passwords, edit roles, etc.

The subcommands are as shown:

Commands

--------

useradd - Adds a file user

userdel - Deletes a file-based user

passwd - Changes the password of an existing file-based user

roles - Edit roles of an existing user

list - List existing file-based users <strong>and</strong> their corresponding roles

Let us now explore how we can use the elasticsearch-users command to perform various operations.

Examples

The following examples show how to perform various actions using the elasticsearch-users command:

Example 1 – Elasticsearch-Users Create User

We can use the elasticsearch-users command and the useradd subcommand to create a new user in the file realm.

An example is shown below:

/bin/elasticsearch-users useradd linuxhint -p password

The command above creates a new user with the username ‘linuxhint’ and the password ‘password.’

Example 2 – Elasticsearch Users Create Users With Roles

To assign specific roles to a given username during user creation, we can use the -r parameter followed by the list of roles we wish to assign as a comma-separated list

Example:

/bin/elasticsearch-users useradd linuxhint -p password -r superuser,kibana_admin,watcher_admin

The command above creates a user with the specified username and password. We also assign the superuser, kibana_admin, and watcher_admin roles to the username.

Example 3 – Elasticsearch-users List Users

We can list the users in the file realm using the list subcommand. Example:

/bin/elasticsearch-users list

The command should list the available usernames and the associated roles.

linuxhint : watcher_admin,kibana_admin,superuser

Example 4 – Elasticsearch-Users Reset Password

To change the password of an existing user, we can use the passwd command as shown in the example below:

/bin/elasticsearch-users passwd linuxhint in pwsh at 11:43:45

Enter new password:

Retype new password:

The command will prompt you for a new password for the specified username.

Example 5 – Elasticsearch-users Delete User

To remove a user, we can use the userdel subcommand as shown:

/bin/elasticsearch-users userdel linuxhint

Conclusion

This post taught you how to use the Elasticsearch-users command to manage file-based user authentication and roles.

About the author

John Otieno

My name is John and am a fellow geek like you. I am passionate about all things computers from Hardware, Operating systems to Programming. My dream is to share my knowledge with the world and help out fellow geeks. Follow my content by subscribing to LinuxHint mailing list

View all posts