Authentication to ElasticSearch using the custom readonlyrest plugin.

To add the user follow the below steps:

Prerequisites

Download Readonlyrest Plugin, to download:
  1. Go to https://readonlyrest.com/download
  2. Select Product Elasticsearch plugin (Free).
  3. Elastic Stack Version 6.4.2
  4. Send to email email-id.
  5. Click Get It Now
  6. Download link is sent to the mentioned email.

Installing readonlyrest plugin:

/path to elastic search/bin/elasticsearch-plugin install

file:///path to readonlyrest-<version>.zip

Example: /usr/share/elasticsearch/bin/elasticsearch-plugin install file:///root/readonlyrest-1.16.28_es6.4.2..zip

Procedure

  1. Change directory to /etc/elasticsearch.
  2. Edit readonlyrest.yml
  3. Add the following in the file:
    - name: <Description for the User>

    auth_key_unix: <Username>:<Hashed_Password>

  4. Restart Elasticsearch.

Example

Sample User (Test/Test): 
readonlyrest:
  access_control_rules:
  - name: Accept GET,POST requests from user
     auth_key_unix: Test:
$6$rounds=65635$koKSfnyc$4iZfsoA9mxZYcRMSXUylDa2T/mPWnh/WWNqI7lM.
2hdXCIx5cVJY0Ni5NrBUXPc5F8xSVYGvs7ORVzAoyJeXq/

For Hashing of password:

./encryptpassword.py <password>

Creating encryptpassword.py file:
  1. Go to https://github.com/beshu-tech/readonlyrest-docs/blob/master/elasticsearch.md#rules
  2. Copy and write the code to file using the command: 
    vi encryptpassword.py

    Paste the code and save the file using :wq.

  3. Change the permission on the file encryptpassword.py 
    chmod 755 encryptpassword.py
  4. Execute encryptpassword.py. 
    ./encryptpassword.py <password>
Note: Authentication must be enabled in each elastic search instance in the cluster.