Skip to content

Instantly share code, notes, and snippets.

@mccaffers

mccaffers/elasticsearch-aws-ami-al2023.sh

Last active September 29, 2025 07:50
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save mccaffers/38492a3429bbf4233fc5bec5e5412353 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save mccaffers/38492a3429bbf4233fc5bec5e5412353 to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. mccaffers revised this gist May 5, 2025. No changes.
  2. mccaffers created this gist Apr 21, 2025.
    52 changes: 52 additions & 0 deletions elasticsearch-aws-ami-al2023.sh
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,52 @@
    #!/bin/bash

    # This script installs Elasticsearch and Kibana on Amazon Linux 2023
    # It configures the repositories, installs the software, sets it to start on boot,
    # and resets the elastic user password for initial access

    ## Step 1: Import the Elasticsearch GPG Key for package verification
    # This ensures packages are downloaded from a trusted source
    rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

    ## Step 2: Create and configure the Elasticsearch YUM repository
    # Create the repository configuration file
    touch /etc/yum.repos.d/elastic.repo
    # Write the repository configuration details to the file
    cat << EOF > /etc/yum.repos.d/elastic.repo
    [elastic]
    name=Elastic repository for 8.x packages
    baseurl=https://artifacts.elastic.co/packages/8.x/yum
    gpgcheck=1
    gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
    enabled=1
    autorefresh=1
    type=rpm-md
    EOF

    ## Step 3: Install Elasticsearch and Kibana packages
    # --enablerepo=elastic ensures we use the repository we just configured
    yum install --enablerepo=elastic elasticsearch kibana -y

    ## Step 4: Configure services to start automatically on system boot
    # Reload systemd to recognize the new service files
    /bin/systemctl daemon-reload
    # Enable Kibana service to start on boot
    /bin/systemctl enable kibana.service
    # Enable Elasticsearch service to start on boot
    /bin/systemctl enable elasticsearch.service

    ## Step 5: Start Elasticsearch and Kibana services
    # Start Kibana service
    systemctl start kibana.service
    # Start Elasticsearch service
    systemctl start elasticsearch.service

    ## Step 6: Reset and retrieve the elastic user password
    # Reset the elastic user password and store it in the variable esPass
    esPass=$(/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic -b -s)
    # Save the password to a file for later reference
    echo $esPass > /root/elastic_password.txt
    # Test the connection to Elasticsearch using the new password
    # -k allows insecure SSL connections (self-signed certificate)
    # -u specifies the username:password combination
    curl -k https://localhost:9200 -u elastic:$esPass