Export/Import Kibana users?

Security
1

If basic authentication is used, Is there a way to export users(accounts) defined with Kibana ?

If yes, is it possible to import the same list again?

2

Hello davor_mk !
You can use the securityadmin.sh tool found at :

/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh

First read the official documentation : [Open Distro for Elasticsearch ] Security Admin tool documentation

If you want to export internal_users file configuration, you can use the tool like that :
I’m using the default demo certificates.

  1. Make a temporary directory (E.g. : /tmp/backup)
  2. Use the securityadmin tool to extract, export configuration files
  3. You will have the 5 config files, action_groups, internal_users, config, roles, roles_mappings
  4. You can then modify internal_users file (don’t forget to do a backup in case you mess up)
  5. Use the tool again to import a specific configuration file
mkdir /tmp/backup
To extract the configuration files : 
 /usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cacert /etc/elasticsearch/root-ca.pem -cert /etc/elasticsearch/kirk.pem -key /etc/elasticsearch/kirk-key.pem -icl -nhnv -cd /tmp/backup -r

Then you have to remove the date from the .yml files that is added at the end of it because the plugin only accept these filenames action_groups, internal_users, config, roles, roles_mappings.

To import the specific configuration file :
/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cacert /etc/elasticsearch/root-ca.pem -cert /etc/elasticsearch/kirk.pem -key /etc/elasticsearch/kirk-key.pem -icl -nhnv -t internalusers -f /tmp/backup/internal_users.yml

Hope it’s clear enough, have a good day :slight_smile:
Thi

1 Like
3

Hi @davor_mk did you manage to get it working using the securityadmin.sh method mentioned above?

4

I got it worked with different path. odfe 1.9 = es oss 7.8.0

mkdir /tmp/backup

To extract the configuration files :
/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cacert /usr/share/elasticsearch/config/root-ca.pem -cert /usr/share/elasticsearch/config/kirk.pem -key /usr/share/elasticsearch/config/kirk-key.pem -icl -nhnv -cd /tmp/backup -r

Then you have to remove the date from the .yml files that is added at the end of it because the plugin only accept these filenames action_groups, internal_users, config, roles, roles_mappings.

To import the specific configuration file :
/usr/share/elasticsearch/plugins/opendistro_security/tools/securityadmin.sh -cacert /usr/share/elasticsearch/config/root-ca.pem -cert /usr/share/elasticsearch/config/kirk.pem -key /usr/share/elasticsearch/config/kirk-key.pem -icl -nhnv -t internalusers -f /tmp/backup/internal_users.yml