Elasticsearchquery~30 mins

API key management in Elasticsearch - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

API Key Management with Elasticsearch

📖 Scenario: You are building a secure search application using Elasticsearch. To control access, you need to create and manage API keys that allow users to perform specific actions.

🎯 Goal: Learn how to create an API key, store its details, and use it to authenticate requests in Elasticsearch.

📋 What You'll Learn

Create an API key with a specific name and role

Store the API key ID and key securely

Use the API key to authenticate a search request

💡 Why This Matters

🌍 Real World

API keys help secure access to Elasticsearch clusters by granting limited permissions to users or applications.

💼 Career

Managing API keys is essential for backend developers and DevOps engineers working with Elasticsearch to ensure secure and controlled data access.

Progress0 / 4 steps

Create an API key

Write a JSON request to create an API key named my-search-key with the role read on the index products. Assign this JSON to a variable called create_api_key_request.

Elasticsearch

# Write the JSON request to create the API key
# Your code here

Need a hint?

Use a Python dictionary to represent the JSON request. The role_descriptors key defines the permissions.

Store API key response

Create a variable called api_key_response and assign it a dictionary with keys id set to abc123 and api_key set to xyz789 to simulate the API key creation response.

Elasticsearch

create_api_key_request = {
    "name": "my-search-key",
    "role_descriptors": {
        "read_role": {
            "cluster": [],
            "index": [
                {
                    "names": ["products"],
                    "privileges": ["read"]
                }
            ]
        }
    }
}
# Simulate storing the API key creation response
# Your code here

Need a hint?

Use a Python dictionary to store the API key id and api_key values.

Prepare authentication header

Create a variable called auth_header that contains the string ApiKey abc123:xyz789 using the id and api_key from api_key_response.

Elasticsearch

create_api_key_request = {
    "name": "my-search-key",
    "role_descriptors": {
        "read_role": {
            "cluster": [],
            "index": [
                {
                    "names": ["products"],
                    "privileges": ["read"]
                }
            ]
        }
    }
}

api_key_response = {
    "id": "abc123",
    "api_key": "xyz789"
}

# Create the authentication header string
# Your code here

Need a hint?

Use an f-string to combine the id and api_key with a colon between them.

Print the authentication header

Write a print statement to display the value of auth_header.

Elasticsearch

create_api_key_request = {
    "name": "my-search-key",
    "role_descriptors": {
        "read_role": {
            "cluster": [],
            "index": [
                {
                    "names": ["products"],
                    "privileges": ["read"]
                }
            ]
        }
    }
}

api_key_response = {
    "id": "abc123",
    "api_key": "xyz789"
}

auth_header = f"ApiKey {api_key_response['id']}:{api_key_response['api_key']}"

# Print the authentication header
# Your code here

Need a hint?

Use print(auth_header) to show the authentication header.