[DOCS] Replace CONFIG_DIR with ES_PATH_CONF (#31635)
This commit is contained in:
parent
f924835265
commit
101d675f90
|
@ -328,7 +328,7 @@ role mappings are not considered. Defaults to `false`.
|
||||||
`files.role_mapping`::
|
`files.role_mapping`::
|
||||||
The {xpack-ref}/security-files.html[location] for the {xpack-ref}/mapping-roles.html#mapping-roles[
|
The {xpack-ref}/security-files.html[location] for the {xpack-ref}/mapping-roles.html#mapping-roles[
|
||||||
YAML role mapping configuration file]. Defaults to
|
YAML role mapping configuration file]. Defaults to
|
||||||
`CONFIG_DIR/role_mapping.yml`.
|
`ES_PATH_CONF/role_mapping.yml`.
|
||||||
|
|
||||||
`follow_referrals`::
|
`follow_referrals`::
|
||||||
Specifies whether {security} should follow referrals returned
|
Specifies whether {security} should follow referrals returned
|
||||||
|
@ -494,7 +494,7 @@ considered. Defaults to `false`.
|
||||||
|
|
||||||
`files.role_mapping`::
|
`files.role_mapping`::
|
||||||
The {xpack-ref}/security-files.html[location] for the YAML
|
The {xpack-ref}/security-files.html[location] for the YAML
|
||||||
role mapping configuration file. Defaults to `CONFIG_DIR/role_mapping.yml`.
|
role mapping configuration file. Defaults to `ES_PATH_CONF/role_mapping.yml`.
|
||||||
|
|
||||||
`user_search.base_dn`::
|
`user_search.base_dn`::
|
||||||
The context to search for a user. Defaults to the root
|
The context to search for a user. Defaults to the root
|
||||||
|
@ -719,7 +719,7 @@ for SSL. This setting cannot be used with `certificate_authorities`.
|
||||||
`files.role_mapping`::
|
`files.role_mapping`::
|
||||||
Specifies the {xpack-ref}/security-files.html[location] of the
|
Specifies the {xpack-ref}/security-files.html[location] of the
|
||||||
{xpack-ref}/mapping-roles.html[YAML role mapping configuration file].
|
{xpack-ref}/mapping-roles.html[YAML role mapping configuration file].
|
||||||
Defaults to `CONFIG_DIR/role_mapping.yml`.
|
Defaults to `ES_PATH_CONF/role_mapping.yml`.
|
||||||
|
|
||||||
`cache.ttl`::
|
`cache.ttl`::
|
||||||
Specifies the time-to-live for cached user entries. A user and a hash of its
|
Specifies the time-to-live for cached user entries. A user and a hash of its
|
||||||
|
|
|
@ -47,7 +47,7 @@ audited in plain text when including the request body in audit events.
|
||||||
|
|
||||||
[[logging-file]]
|
[[logging-file]]
|
||||||
You can also configure how the logfile is written in the `log4j2.properties`
|
You can also configure how the logfile is written in the `log4j2.properties`
|
||||||
file located in `CONFIG_DIR`. By default, audit information is appended to the
|
file located in `ES_PATH_CONF`. By default, audit information is appended to the
|
||||||
`<clustername>_access.log` file located in the standard Elasticsearch `logs` directory
|
`<clustername>_access.log` file located in the standard Elasticsearch `logs` directory
|
||||||
(typically located at `$ES_HOME/logs`). The file rolls over on a daily basis.
|
(typically located at `$ES_HOME/logs`). The file rolls over on a daily basis.
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
You can manage and authenticate users with the built-in `file` internal realm.
|
You can manage and authenticate users with the built-in `file` internal realm.
|
||||||
All the data about the users for the `file` realm is stored in two files on each
|
All the data about the users for the `file` realm is stored in two files on each
|
||||||
node in the cluster: `users` and `users_roles`. Both files are located in
|
node in the cluster: `users` and `users_roles`. Both files are located in
|
||||||
`CONFIG_DIR/` and are read on startup.
|
`ES_PATH_CONF` and are read on startup.
|
||||||
|
|
||||||
[IMPORTANT]
|
[IMPORTANT]
|
||||||
==============================
|
==============================
|
||||||
|
@ -50,7 +50,7 @@ xpack:
|
||||||
|
|
||||||
. Restart {es}.
|
. Restart {es}.
|
||||||
|
|
||||||
. Add user information to the `CONFIG_DIR/users` file on each node in the
|
. Add user information to the `ES_PATH_CONF/users` file on each node in the
|
||||||
cluster.
|
cluster.
|
||||||
+
|
+
|
||||||
--
|
--
|
||||||
|
@ -76,7 +76,7 @@ IMPORTANT: As the administrator of the cluster, it is your responsibility to
|
||||||
|
|
||||||
--
|
--
|
||||||
|
|
||||||
. Add role information to the `CONFIG_DIR/users_roles` file on each node
|
. Add role information to the `ES_PATH_CONF/users_roles` file on each node
|
||||||
in the cluster.
|
in the cluster.
|
||||||
+
|
+
|
||||||
--
|
--
|
||||||
|
|
|
@ -56,7 +56,7 @@ xpack:
|
||||||
group_search:
|
group_search:
|
||||||
base_dn: "dc=example,dc=com"
|
base_dn: "dc=example,dc=com"
|
||||||
files:
|
files:
|
||||||
role_mapping: "CONFIG_DIR/role_mapping.yml"
|
role_mapping: "ES_PATH_CONF/role_mapping.yml"
|
||||||
unmapped_groups_as_roles: false
|
unmapped_groups_as_roles: false
|
||||||
------------------------------------------------------------
|
------------------------------------------------------------
|
||||||
|
|
||||||
|
|
|
@ -137,7 +137,7 @@ see {ref}/security-api-roles.html[Role Management APIs].
|
||||||
=== File-based role management
|
=== File-based role management
|
||||||
|
|
||||||
Apart from the _Role Management APIs_, roles can also be defined in local
|
Apart from the _Role Management APIs_, roles can also be defined in local
|
||||||
`roles.yml` file located in `CONFIG_DIR`. This is a YAML file where each
|
`roles.yml` file located in `ES_PATH_CONF`. This is a YAML file where each
|
||||||
role definition is keyed by its name.
|
role definition is keyed by its name.
|
||||||
|
|
||||||
[IMPORTANT]
|
[IMPORTANT]
|
||||||
|
|
|
@ -1,23 +1,23 @@
|
||||||
[[security-files]]
|
[[security-files]]
|
||||||
=== Security Files
|
=== Security Files
|
||||||
|
|
||||||
The {security} uses the following files:
|
{security} uses the following files:
|
||||||
|
|
||||||
* `CONFIG_DIR/roles.yml` defines the roles in use on the cluster
|
* `ES_PATH_CONF/roles.yml` defines the roles in use on the cluster
|
||||||
(read more <<roles-management-file, here>>).
|
(read more <<roles-management-file, here>>).
|
||||||
|
|
||||||
* `CONFIG_DIR/elasticsearch-users` defines the users and their hashed passwords for
|
* `ES_PATH_CONF/elasticsearch-users` defines the users and their hashed passwords for
|
||||||
the <<file-realm,`file` realm>>.
|
the <<file-realm,`file` realm>>.
|
||||||
|
|
||||||
* `CONFIG_DIR/elasticsearch-users_roles` defines the user roles assignment for the
|
* `ES_PATH_CONF/elasticsearch-users_roles` defines the user roles assignment for the
|
||||||
the <<file-realm, `file` realm>>.
|
the <<file-realm, `file` realm>>.
|
||||||
|
|
||||||
* `CONFIG_DIR/role_mapping.yml` defines the role assignments for a
|
* `ES_PATH_CONF/role_mapping.yml` defines the role assignments for a
|
||||||
Distinguished Name (DN) to a role. This allows for LDAP and Active Directory
|
Distinguished Name (DN) to a role. This allows for LDAP and Active Directory
|
||||||
groups and users and PKI users to be mapped to roles (read more
|
groups and users and PKI users to be mapped to roles (read more
|
||||||
<<mapping-roles, here>>).
|
<<mapping-roles, here>>).
|
||||||
|
|
||||||
* `CONFIG_DIR/log4j2.properties` contains audit information (read more
|
* `ES_PATH_CONF/log4j2.properties` contains audit information (read more
|
||||||
<<logging-file, here>>).
|
<<logging-file, here>>).
|
||||||
|
|
||||||
[[security-files-location]]
|
[[security-files-location]]
|
||||||
|
|
|
@ -37,7 +37,7 @@ xpack:
|
||||||
domain_name: ad.example.com
|
domain_name: ad.example.com
|
||||||
url: ldaps://ad.example.com:636
|
url: ldaps://ad.example.com:636
|
||||||
ssl:
|
ssl:
|
||||||
certificate_authorities: [ "CONFIG_DIR/cacert.pem" ]
|
certificate_authorities: [ "ES_PATH_CONF/cacert.pem" ]
|
||||||
--------------------------------------------------
|
--------------------------------------------------
|
||||||
|
|
||||||
The CA cert must be a PEM encoded certificate.
|
The CA cert must be a PEM encoded certificate.
|
||||||
|
|
|
@ -29,7 +29,7 @@ xpack:
|
||||||
order: 0
|
order: 0
|
||||||
url: "ldaps://ldap.example.com:636"
|
url: "ldaps://ldap.example.com:636"
|
||||||
ssl:
|
ssl:
|
||||||
certificate_authorities: [ "CONFIG_DIR/cacert.pem" ]
|
certificate_authorities: [ "ES_PATH_CONF/cacert.pem" ]
|
||||||
--------------------------------------------------
|
--------------------------------------------------
|
||||||
|
|
||||||
The CA certificate must be a PEM encoded.
|
The CA certificate must be a PEM encoded.
|
||||||
|
|
|
@ -101,7 +101,7 @@ The role definition might be missing or invalid.
|
||||||
|======================
|
|======================
|
||||||
|
|
||||||
To help track down these possibilities, add the following lines to the end of
|
To help track down these possibilities, add the following lines to the end of
|
||||||
the `log4j2.properties` configuration file in the `CONFIG_DIR`:
|
the `log4j2.properties` configuration file in the `ES_PATH_CONF`:
|
||||||
|
|
||||||
[source,properties]
|
[source,properties]
|
||||||
----------------
|
----------------
|
||||||
|
|
Loading…
Reference in New Issue