[docs] Add note on how to access generated Kibana encryptionKeys (#8150)

This updates the Advanced configuration page with a tip about how to access the operator-generated encryption keys. --------- Co-authored-by: Stef Nestor <[email protected]> Co-authored-by: Peter Brachwitz <[email protected]> Co-authored-by: Thibault Richard <[email protected]>
elastic · Oct 28, 2024 · df69825 · df69825
1 parent 182c6c3
commit df69825
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/docs/orchestrating-elastic-stack-applications/kibana.asciidoc b/docs/orchestrating-elastic-stack-applications/kibana.asciidoc
@@ -206,6 +206,18 @@ To deploy more than one instance of Kibana, all the instances must share a same
 * `xpack.reporting.encryptionKey`
 * `xpack.encryptedSavedObjects.encryptionKey`
 
+[TIP]
+====
+If you need to access these encryption keys, you can find them using the `kubectl get secrets` command. 
+
+The secret is named after the corresponding Kibana instance. For example, for a Kibana named `my-kibana`, you can run the following command to retrieve the current encryption keys:
+
+[source,shell,subs="attributes"]
+----
+kubectl get secret my-kibana-kb-config -o jsonpath='{ .data.kibana\.yml }' | base64 --decode | grep -A1 encryptedSavedObjects
+----
+====
+
 You can provide your own encryption keys using a secure setting, as described in <<{p}-kibana-secure-settings,Secure settings>>.
 
 NOTE: While most reconfigurations of your Kibana instances are carried out in rolling upgrade fashion, all version upgrades will cause Kibana downtime. This happens because you can only run a single version of Kibana at any given time. For more information, check link:https://www.elastic.co/guide/en/kibana/current/upgrade.html[Upgrade Kibana].