0
0
ElasticsearchHow-ToBeginner · 4 min read

How to Enable Security in Elasticsearch: Step-by-Step Guide

To enable security in Elasticsearch, you must configure the xpack.security.enabled setting to true in the elasticsearch.yml file and restart the service. This activates built-in security features like authentication, encryption, and role-based access control.
📐

Syntax

To enable security in Elasticsearch, add the following setting to your elasticsearch.yml configuration file:

  • xpack.security.enabled: true — This turns on the security features.
  • Optionally, configure SSL/TLS for encrypted communication.
  • Set up users and roles for access control.
yaml
xpack.security.enabled: true
💻

Example

This example shows how to enable security by editing the elasticsearch.yml file and then creating a built-in user with a password.

bash
# In elasticsearch.yml
xpack.security.enabled: true

# After restarting Elasticsearch, set password for built-in users
bin/elasticsearch-setup-passwords interactive

# Example output after running the command:
# Changed password for user [elastic]
# Changed password for user [kibana_system]
# ...
Output
Changed password for user [elastic] Changed password for user [kibana_system] Changed password for user [logstash_system] Changed password for user [beats_system] Changed password for user [apm_system]
⚠️

Common Pitfalls

Common mistakes when enabling security include:

  • Not restarting Elasticsearch after changing elasticsearch.yml.
  • Forgetting to set passwords for built-in users, which blocks access.
  • Not configuring SSL/TLS, leaving communication unencrypted.
  • Trying to enable security on unsupported Elasticsearch versions (security is built-in from version 6.8 and 7.x).
yaml
## Wrong: Forgetting to enable security
# elasticsearch.yml
xpack.security.enabled: false

## Right: Enable security and restart
# elasticsearch.yml
xpack.security.enabled: true
📊

Quick Reference

SettingDescriptionDefault
xpack.security.enabledEnable or disable security featuresfalse
xpack.security.transport.ssl.enabledEnable SSL for node-to-node communicationfalse
xpack.security.http.ssl.enabledEnable SSL for HTTP layerfalse
elasticsearch-setup-passwordsCommand to set built-in user passwordsN/A

Key Takeaways

Enable security by setting xpack.security.enabled to true in elasticsearch.yml.
Restart Elasticsearch after changing configuration to apply security settings.
Set passwords for built-in users using elasticsearch-setup-passwords tool.
Configure SSL/TLS to encrypt communication between nodes and clients.
Security features are built-in from Elasticsearch 6.8 and later versions.

Related by keyword

How to Install Elasticsearch: Step-by-Step GuideGetting StartedHow to Configure Index Lifecycle in Elasticsearch: Step-by-Step GuideIndex SettingsHow to Start Elasticsearch: Quick Guide for BeginnersGetting StartedHow to Boost Field in Elasticsearch: Simple GuideFull Text SearchHow to Search with Synonyms in Elasticsearch: Simple GuideFull Text Search

Up next

What is Ingest Pipeline in Elasticsearch: Explanation and ExampleLogstash vs Ingest Pipeline: Key Differences and When to Use EachHow to Fix Circuit Breaker Exception in ElasticsearchHow to Fix Cluster Red Status in Elasticsearch Quickly

More in Security

How to Create User in Elasticsearch: Step-by-Step GuideHow to Enable HTTPS in Elasticsearch SecurelyHow to Set Up Authentication in Elasticsearch QuicklyHow to Use API Key in Elasticsearch for Secure Access