From 35622add9fd4222073eec6bd4f7d4ea7a0ca6eae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joaqu=C3=ADn=20Fern=C3=A1ndez=20Campo?= Date: Tue, 19 Nov 2019 09:52:08 +0100 Subject: [PATCH] Changed to use the same variables as PR #620 to avoid generating more work on that PR --- defaults/main.yml | 3 +-- .../security/elasticsearch-security-native.yml | 16 ++++++++-------- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 4db79b66..e8c7b460 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -35,11 +35,10 @@ es_allow_downgrades: false es_xpack_features: [] #These are used for internal operations performed by ansible. #They do not affect the current configuration +es_api_scheme: http es_api_host: "localhost" es_api_port: 9200 es_debian_startup_timeout: 10 # JVM custom parameters es_jvm_custom_parameters: '' - -es_http_scheme: http \ No newline at end of file diff --git a/tasks/xpack/security/elasticsearch-security-native.yml b/tasks/xpack/security/elasticsearch-security-native.yml index 59e37456..a5272d31 100644 --- a/tasks/xpack/security/elasticsearch-security-native.yml +++ b/tasks/xpack/security/elasticsearch-security-native.yml @@ -21,7 +21,7 @@ #List current users - name: List Native Users uri: - url: "{{ es_http_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user" + url: "{{ es_api_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user" method: GET user: "{{es_api_basic_auth_username}}" password: "{{es_api_basic_auth_password}}" @@ -51,7 +51,7 @@ - name: Update API User Password uri: - url: "{{ es_http_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{es_api_basic_auth_username}}/_password" + url: "{{ es_api_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{es_api_basic_auth_username}}/_password" method: POST body_format: json body: "{ \"password\":\"{{native_users[es_api_basic_auth_username].password}}\" }" @@ -73,7 +73,7 @@ #Delete all non required users NOT inc. reserved - name: Delete Native Users uri: - url: "{{ es_http_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}" + url: "{{ es_api_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}" method: DELETE status_code: 200 user: "{{es_api_basic_auth_username}}" @@ -94,7 +94,7 @@ #Update password on all reserved users - name: Update Reserved User Passwords uri: - url: "{{ es_http_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}/_password" + url: "{{ es_api_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}/_password" method: POST body_format: json body: "{ \"password\":\"{{native_users[item].password}}\" }" @@ -113,7 +113,7 @@ #Overwrite all other users NOT inc. those reserved - name: Update Non-Reserved Native User Details uri: - url: "{{ es_http_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}" + url: "{{ es_api_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}" method: POST body_format: json body: "{{ native_users[item] | to_json }}" @@ -131,7 +131,7 @@ #List current roles not. inc those reserved - name: List Native Roles uri: - url: "{{ es_http_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/role" + url: "{{ es_api_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/role" method: GET body_format: json user: "{{es_api_basic_auth_username}}" @@ -166,7 +166,7 @@ #Delete all non required roles NOT inc. reserved - name: Delete Native Roles uri: - url: "{{ es_http_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/role/{{item}}" + url: "{{ es_api_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/role/{{item}}" method: DELETE status_code: 200 user: "{{es_api_basic_auth_username}}" @@ -182,7 +182,7 @@ #Update other roles - NOT inc. reserved roles - name: Update Native Roles uri: - url: "{{ es_http_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/role/{{item}}" + url: "{{ es_api_scheme }}://{{es_api_host}}:{{es_api_port}}/_xpack/security/role/{{item}}" method: POST body_format: json body: "{{ es_roles.native[item] | to_json}}"