santerikainulainen/ansible-role-elasticsearch
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added more x-pack config options

Browse source
This commit is contained in:
Jeffrey Everling 2018-05-03 16:45:04 +02:00
parent 7aebcaefa6
commit cc28b6149a
8 changed files with 188 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

16
tasks/xpack/security/elasticsearch-security-native.yml
View file

@ -21,7 +21,7 @@
#List current users
- name: List Native Users
uri:
url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/user
url: "{{es_http_type}}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user"
method: GET
user: "{{es_api_basic_auth_username}}"
password: "{{es_api_basic_auth_password}}"
@ -50,7 +50,7 @@
- name: Update API User Password
uri:
url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{es_api_basic_auth_username}}/_password
url: "{{es_http_type}}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{es_api_basic_auth_username}}/_password"
method: POST
body_format: json
body: "{ \"password\":\"{{native_users[es_api_basic_auth_username].password}}\" }"
@ -72,7 +72,7 @@
#Delete all non required users NOT inc. reserved
- name: Delete Native Users
uri:
url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}
url: "{{es_http_type}}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}"
method: DELETE
status_code: 200
user: "{{es_api_basic_auth_username}}"
@ -93,7 +93,7 @@
#Update password on all reserved users
- name: Update Reserved User Passwords
uri:
url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}/_password
url: "{{es_http_type}}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}/_password"
method: POST
body_format: json
body: "{ \"password\":\"{{native_users[item].password}}\" }"
@ -112,7 +112,7 @@
#Overwrite all other users NOT inc. those reserved
- name: Update Non-Reserved Native User Details
uri:
url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}
url: "{{es_http_type}}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}"
method: POST
body_format: json
body: "{{ native_users[item] | to_json }}"
@ -129,7 +129,7 @@
#List current roles not. inc those reserved
- name: List Native Roles
uri:
url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/role
url: "{{es_http_type}}://{{es_api_host}}:{{es_api_port}}/_xpack/security/role"
method: GET
body_format: json
user: "{{es_api_basic_auth_username}}"
@ -163,7 +163,7 @@
#Delete all non required roles NOT inc. reserved
- name: Delete Native Roles
uri:
url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/role/{{item}}
url: "{{es_http_type}}://{{es_api_host}}:{{es_api_port}}/_xpack/security/role/{{item}}"
method: DELETE
status_code: 200
user: "{{es_api_basic_auth_username}}"
@ -179,7 +179,7 @@
#Update other roles - NOT inc. reserved roles
- name: Update Native Roles
uri:
url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/role/{{item}}
url: "{{es_http_type}}://{{es_api_host}}:{{es_api_port}}/_xpack/security/role/{{item}}"
method: POST
body_format: json
body: "{{ es_roles.native[item] | to_json}}"

4
tasks/xpack/security/elasticsearch-xpack-activation.yml
View file

@ -18,7 +18,7 @@
- name: Activate ES license (with security authentication)
uri:
method: PUT
url: "http://{{es_api_host}}:{{es_api_port}}/_xpack/license?acknowledge=true"
url: "{{es_http_type}}://{{es_api_host}}:{{es_api_port}}/_xpack/license?acknowledge=true"
user: "{{es_api_basic_auth_username}}"
password: "{{es_api_basic_auth_password}}"
body_format: json
@ -26,7 +26,7 @@
body: "{{ es_xpack_license }}"
return_content: yes
register: license_activated
no_log: True
no_log: false
when: "'security' in es_xpack_features"
failed_when: >
license_activated.status != 200 or