ES clusters are deployed in logically isolated VPCs, giving you full control over your environment configuration and the ability to customize network access control lists (ACLs) and security groups. In addition, to help ensure the security of your resources in the cloud, a wide variety of security capabilities are provided, including:
When creating an ES cluster, you will be asked to set a password for the default user
elastic. The account and password will be used to log in to the Kibana page. If ES cluster user authentication has been enabled for your cluster, then they will be used for ES cluster login authentication for stricter security protection as show below:
You can use the password resetting feature on the cluster details page to reset the password of the
elastic account for your ES cluster as shown below:
If the Kibana page can be accessed over the public network, ES provides IP blocklist/allowlist in addition to password-based authentication for Kibana access, further enhancing the access security of you clusters.
192.168.0.0/24separated by commas are supported.
If you have concerns over the security of public network access, you can disable it and enable only private network access.
For the sake of security, access to ES clusters over the public network is disabled by default. For clusters having ES cluster user authentication enabled, you can enable access over the public network for convenience, but you need to set the IP allowlist for security protection.
For clusters having ES cluster user authentication enabled, you can use more security management features. In addition, the Platinum Edition offers more refined access control by document or field. For more information, please see Role-based access control at Elasticsearch official website.
You can create, modify, and delete roles with different permissions in Management > Security > Roles on the Kibana page as shown below:
You can create, modify (information, password, etc.), and delete users with multiple roles in Management > Security > Users on the Kibana page as shown below:
The password of the default ES user
elasticcan be reset only in the console on the official website.
For more information on how to use relevant security features, please see the following: