Shield to Security and other X-Pack clear up

handlers/elasticsearch-templates.yml

@@ -17,7 +17,7 @@
     status_code: 200
     body_format: json
     body: "{{ lookup('file', item.path) }}"
-  when: not es_enable_xpack or not es_xpack_features is defined or not '"shield" in es_xpack_features'
+  when: not es_enable_xpack or not es_xpack_features is defined or not '"security" in es_xpack_features'
   with_items: "{{ templates.files }}"
 
 - name: Install templates with auth
@@ -30,5 +30,5 @@
     force_basic_auth: yes
     body_format: json
     body: "{{ lookup('file', item.path) }}"
-  when: es_enable_xpack and es_xpack_features is defined and '"shield" in es_xpack_features'
+  when: es_enable_xpack and es_xpack_features is defined and '"security" in es_xpack_features'
   with_items: "{{ templates.files }}"

handlers/main.yml

@@ -7,10 +7,10 @@
   when: es_restart_on_change and es_start_service and ((plugin_installed is defined and plugin_installed.changed) or (config_updated is defined and config_updated.changed) or (xpack_state.changed) or (debian_elasticsearch_install_from_repo.changed or redhat_elasticsearch_install_from_repo.changed or elasticsearch_install_from_package.changed))
 
 # All security specific actions should go in here
-- name: activate-shield
-  include: ./handlers/shield/elasticsearch-shield.yml
+- name: activate-security
+  include: ./handlers/security/elasticsearch-security.yml
 
-#Templates are a handler as they need to come after a restart e.g. suppose user removes shield on a running node and doesn't
+#Templates are a handler as they need to come after a restart e.g. suppose user removes security on a running node and doesn't
 #specify es_api_basic_auth_username and es_api_basic_auth_password.  The templates will subsequently not be removed if we don't wait for the node to restart.
 #Templates done after restart therefore - as a handler.
 

handlers/security/elasticsearch-security-native.yml

@@ -14,12 +14,12 @@
 - name: Wait 15 seconds for the Native Relm to come up
   pause: seconds=15
 
-#If the node has just has shield installed it maybe either stopped or started 1. if stopped, we need to start to load native realms 2. if started, we need to restart to load
+#If the node has just has security installed it maybe either stopped or started 1. if stopped, we need to start to load native realms 2. if started, we need to restart to load
 
 #List current users
 - name: List Native Users
   uri:
-    url: http://{{es_api_host}}:{{es_api_port}}/_shield/user
+    url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/user
     method: GET
     user: "{{es_api_basic_auth_username}}"
     password: "{{es_api_basic_auth_password}}"
@@ -40,7 +40,7 @@
 #Delete all non required users
 - name: Delete Native Users
   uri:
-    url: http://{{es_api_host}}:{{es_api_port}}/_shield/user/{{item}}
+    url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/user/{{item}}
     method: DELETE
     status_code: 200
     user: "{{es_api_basic_auth_username}}"
@@ -53,7 +53,7 @@
 #Overwrite all other users
 - name: Update Native Users
   uri:
-    url: http://{{es_api_host}}:{{es_api_port}}/_shield/user/{{item.key}}
+    url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/{{item.key}}
     method: POST
     body_format: json
     body: "{{item.value | to_json}}"
@@ -69,7 +69,7 @@
 
 - name: List Native Roles
   uri:
-    url: http://{{es_api_host}}:{{es_api_port}}/_shield/role
+    url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/role
     method: GET
     body_format: json
     user: "{{es_api_basic_auth_username}}"
@@ -93,7 +93,7 @@
 #Delete all non required roles
 - name: Delete Native Roles
   uri:
-    url: http://{{es_api_host}}:{{es_api_port}}/_shield/role/{{item}}
+    url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/role/{{item}}
     method: DELETE
     status_code: 200
     user: "{{es_api_basic_auth_username}}"
@@ -106,7 +106,7 @@
 #Update other roles
 - name: Update Native Roles
   uri:
-    url: http://{{es_api_host}}:{{es_api_port}}/_shield/role/{{item.key}}
+    url: http://{{es_api_host}}:{{es_api_port}}/_xpack/security/role/{{item.key}}
     method: POST
     body_format: json
     body: "{{item.value | to_json}}"

handlers/security/elasticsearch-security.yml

@@ -6,9 +6,9 @@
   wait_for: host={{es_api_host}} port={{es_api_port}} delay=10
   
 - name: activate-license
-  include: ./handlers/shield/elasticsearch-xpack-activation.yml
+  include: ./handlers/security/elasticsearch-xpack-activation.yml
   when: es_enable_xpack and es_xpack_license is defined and es_xpack_license != ''
 
 - name: load-native-realms
-  include: ./handlers/shield/elasticsearch-shield-native.yml
+  include: ./handlers/security/elasticsearch-security-native.yml
   when: (es_users is defined and es_users.native is defined) or (es_roles is defined and es_roles.native is defined)

handlers/security/elasticsearch-xpack-activation.yml

@@ -1,6 +1,6 @@
 ---
 
-- name: Activate ES license (without shield authentication)
+- name: Activate ES license (without security authentication)
   uri:
     method: PUT
     url: "http://{{es_api_host}}:{{es_api_port}}/_license?acknowledge=true"
@@ -9,13 +9,13 @@
     return_content: yes
   register: license_activated
   no_log: True
-  when: not '"shield" in es_xpack_features'
+  when: not '"security" in es_xpack_features'
   failed_when: >
     license_activated.status != 200 or
     license_activated.json.license_status is not defined or
     license_activated.json.license_status != 'valid'
 
-- name: Activate ES license (with shield authentication)
+- name: Activate ES license (with security authentication)
   uri:
     method: PUT
     url: "http://{{es_api_host}}:{{es_api_port}}/_license?acknowledge=true"
@@ -27,7 +27,7 @@
     return_content: yes
   register: license_activated
   no_log: True
-  when: '"shield" in es_xpack_features'
+  when: '"security" in es_xpack_features'
   failed_when: >
     license_activated.status != 200 or
     license_activated.json.license_status is not defined or