--- - name: Setup Elasticsearch with security enabled and a trial license hosts: localhost post_tasks: - include: elasticsearch/test/integration/debug.yml roles: - elasticsearch vars: es_config_6x: xpack.security.authc.realms.file1.order: 0 xpack.security.authc.realms.file1.type: file xpack.security.authc.realms.native1.order: 1 xpack.security.authc.realms.native1.type: native es_config_7x: xpack.security.authc.realms.file.file1.order: 0 xpack.security.authc.realms.native.native1.order: 1 es_config: "{{ es_config_7x if es_major_version == '7.x' else es_config_6x }}" es_xpack_trial: true es_api_basic_auth_username: elastic es_api_basic_auth_password: changeme es_api_sleep: 5 es_enable_http_ssl: false es_enable_transport_ssl: true es_ssl_keystore: "test/integration/files/certs/keystore-password.p12" es_ssl_truststore: "test/integration/files/certs/truststore-password.p12" es_ssl_keystore_password: password1 es_ssl_truststore_password: password2 es_validate_certs: no es_role_mapping: power_user: - "cn=admins,dc=example,dc=com" user: - "cn=users,dc=example,dc=com" - "cn=admins,dc=example,dc=com" es_users: native: kibana4_server: password: changeMe roles: - kibana4_server logstash_system: #this should be successfully modified password: aNewLogstashPassword #this will be ignored roles: - kibana4_server elastic: password: elasticChanged file: es_admin: password: changeMe roles: - admin testUser: password: changeMeAlso! roles: - power_user - user es_roles: file: admin: cluster: - all indices: - names: '*' privileges: - all power_user: cluster: - monitor indices: - names: '*' privileges: - all user: indices: - names: '*' privileges: - read kibana4_server: cluster: - monitor indices: - names: '.kibana' privileges: - all native: logstash: cluster: - manage_index_templates indices: - names: 'logstash-*' privileges: - write - delete - create_index #this will be ignored - its reserved logstash_system: cluster: - manage_index_templates indices: - names: 'logstash-*' privileges: - write - delete - create_index