Version: Search Guard 5 / This is an older version of Search Guard. Switch to Latest version
REST management API
This module adds the capability of managing users, roles, roles mapping and action groups via a REST Api.
Download the REST management API enterprise module from Maven Central:
and place it in the folder
<ES installation directory>/plugins/search-guard-2
<ES installation directory>/plugins/search-guard-5
if you are using Search Guard 5.
Choose the module version matching your Elasticsearch version, and download the jar with dependencies.
After that, restart all nodes to activate the module.
The Search Guard index can only be accessed with an admin certificate. This is the same certificate that you use when executing sgadmin.
In order for Search Guard to pick up this certificate on the REST layer, you need to set the
elasticsearch.yml to either
If you plan to use the REST API via a browser, you will need to install the admin certificate in your browser. This varies from browser to browser, so please refer to the documentation of your browser-of-choice to learn how to do that.
For curl, you need to specify the admin certificate with it’s complete certificate chain, and also the key:
curl --insecure --cert chain.pem --key kirk.key.pem "<API Endpoint>"
If you use the example PKI scripts provided by Search Guard SSL, the
kirk.key.pem is already generated for you. You can generate the chain file by
cating the certificate and the ca chain file:
cd search-guard-sll cat example-pki-scripts/kirk.crt.pem example-pki-scripts/ca/chain-ca.pem > chain.pem