User authentication in Elasticsearch query using python

Question

I'm using elastisearch using Python. My code looks somewhat like this:-

from elasticsearch import Elasticsearch

if __name__ == '__main__': 
    index="IndexPosition"
    es=Elasticsearch(['https://localhost:8080'])
    res = es.search(index='{0}'.format(index), doc_type="log",size=1000, from_=0, body={ "query": {
    "match": {
      
        ...Match condition
      }
    }
  }})

Now, due to changes in architecture user authentication has been added in the elasticsearch.Let's assume username-user and password-pass.How do I pass the username and password in the query..?

Answer 1

Girish Kumar's answer works if you have a elastic-search running without https locally. But if it is started with security(which is the default behaviour in ElasticSearch >=8.0) then you will have to also pass in more details about the ca certificate. user2514157 has tried to mention this is their answer but it is only for Docker container. For a local instance of ElasticSearch, you also have an option to pass SHA-256 fingerprint which you can copy when the ElasticSearch runs for the first time or else you can follow from here to regenerate it. Once you have the SHA-256 fingerprint you can simply do:

es_obj = Elasticsearch([{'host': 'localhost', 'port' : 9200, 'scheme': 'https'}], ssl_assert_fingerprint=_es_ca_cert, basic_auth=(_es_username, _es_passkey), timeout=10)

print(es_obj.info()) # To verify the connection

Add your instance's fingerprint using ssl_assert_fingerprint option.

Referenced from here

Answer 2

You need to pass the username and password to the Elasticsearch object as shown below:

es = Elasticsearch(['http://localhost:8080'], basic_auth=('user', 'pass'))

You could also use http_auth, but that parameter is deprecated, and should be avoided.

Answer 3

I am running ElasticSearch on Docker. ElasticSearch v8.10 automatically enables additional security (e.g., use of certificates). The certificate can be copied to the local machine by running:

docker cp elasticsearch:/usr/share/elasticsearch/config/certs/http_ca.crt .

or, if not on Docker:

cp /usr/share/elasticsearch/config/certs/http_ca.crt .

See: Verifying HTTPS with CA certificates & Run Elasticsearch in Docker - Start a single-node cluster (7-8)

from elasticsearch import Elasticsearch

# Password for the 'elastic' user generated by Elasticsearch
ELASTIC_PASSWORD = "<elastic_password>"

es = Elasticsearch(
    "https://localhost:9200",
    ca_certs="/path/to/http_ca.crt",
    basic_auth=("elastic", ELASTIC_PASSWORD)
)

# Successful response!
es.info()

Answer 4

In Elasticsearch 8.x, the http_auth parameter is deprecated, use basic_auth or bearer_auth respectively instead.

Elasticsearch >= 8.x basic auth example:

es = Elasticsearch(['https://localhost:8080'], basic_auth=('user', 'pass'))

Elasticseach < 8.x basic auth example:

es = Elasticsearch(['http://localhost:8080'], http_auth=('user', 'pass'))

Answer 5

yes, use es = Elasticsearch(hosts="http://username:password@es-endpoint:es-port/")

Test success in es version 7.7.1

Answer 6

You can pass username, password in url:

ex:

username: elastic

password: changeme

es = Elasticsearch(hosts="http://elastic:changeme@localhost:9200/")

using CURL

curl -X GET "elastic:changeme@localhost:9200/"

Answer 7

es = Elasticsearch([{'host': 'localhost', 'port': '8080'}], http_auth=('user', 'pass'))

Answer 8

you can connect the elasticsearch with below Host url config

es = Elasticsearch(hosts="http://user:pass@localhost:9200/")