Running securityadmin.sh deletes the roles/tenants created over the API

Hello everyone,

It seems that if I created users/roles/tenants over the API and run secureadmin.sh afterwards for whatever reason to update the cluster security configuration, it will delete any previous record added over the API.

Is this the expected behavior ? I find this problematic.

Thanks!

have you found solution for this?

I answered a similar question in another thread about this.

Thanks ejohns81
I understood this but my problem is, I am automating everything in chef so that i can manage and changes internal user(admin,kibanaserver,logstash etc) password anytime for different env.

I am maintaining password in vault and reading it from there new password (if i change) and updating into my config files using chef.

Now problem is, to reflect this changes i have to run secutiryadmin.sh for /securityconfig/ folder then it will update my new password for internal user but now i will lost everything for other user which i created from kibana.

What you suggest best way to manage this?

Hi,

We ended up doing everything over the OD API for users. When we create the cluster we have ofcourse the initial users (admin,management and 1 for monitoring). From that point on we do everything over REST and no need to call the securityadmin.sh anymore.

We simply did some automation to call the API and create the needed roles/users/tenants

br

Thanks Valentin for quick response.
But what if you want to change the password for internal users like admin etc?

You do it over the API or Kibana.

br

We can not change admin and kibanaserver password from kibana UI, all other user we can manage from kibana, thats a problem :frowning: