Restoring .opendistro_security as admin

What I’m trying to do

Restore the .opendistro_security index.

What I’ve tried

Following the instructions on this page, I tried:

curl -k -u $ES_USER:$ES_PWD --cert admin.pem --key admin-key.pem \
    --header "Content-Type: application/json" \
    -XPOST https://localhost:9200/_snapshot/my_repo/my_snapshot/_restore \
    --data '{"include_global_state": false, "indices": "-.opendistro_security"}'

and got security_exception:

no permissions for [] and User [name=admin, roles=[admin], requestedTenant=null]

I’ve also checked

Changed the last flag to:

--data '{"include_global_state": false, "indices": "-.opendistro_security"}'

Got no security_exception and it restored all other indices but .opendistro_security.

My question

How can I restore the .opendistro_security index?

Hello @navatm !
You can only restore .opendistro_security index by using admin certificates + admin keys.

--data '{"include_global_state": false, "indices": "-.opendistro_security"}'
Got no security_exception and it restored all other indices but .opendistro_security .

You should remove the " - " if you want to restore the .opendistro_security, you excluded it right now.

`--data '{"include_global_state": false, "indices": "*"}'`

Hope I helped !
Thi

1 Like