Yes, it will be overwritten. The here is that we do not keep any configuration files on any node. In fact, you can run sgadmin from any machine that has access to the transport port in the cluster. This means there is no single point of writing a configuration change back when it is performed vie the REST API.
If you want to use both ways of configuring Search Guard, the easiest way is to first retrieve the current configuration from your cluster with sgadmin. There’s the -r/–retrieve switch you can use for that. Then you make your changes and upload the configuration again via sgadmin. If you allow configuration changes via the REST API or the config GUI, it is advisable to use sgadmin also for backing up your configuration.
On Sunday, August 12, 2018 at 2:17:45 AM UTC+2, Nicholas George wrote:
SG Version: 6.2.4-31.2
If I update any Searchguard configuration using the API, then re-run sgadmin.sh, will all the changes I’ve made using the API be overwritten? (I’m guessing so). Do you have any suggestions on how I can manage Searchguard configuration using both the API as well as the configuration files?