-
Notifications
You must be signed in to change notification settings - Fork 25k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[DOCS] Document default security in alpha2 #78227
[DOCS] Document default security in alpha2 #78227
Conversation
Pinging @elastic/es-docs (Team:Docs) |
Pinging @elastic/es-security (Team:Security) |
@albertzaharovits -- still work to do here, but I think that I've captured the majority of the flow. |
@elasticmachine update branch |
The first principle is to run {es} with security enabled. Configuring security | ||
can be complicated, so we made it easy to | ||
<<configuring-stack-security,start the {stack} with security enabled>> by | ||
default. Run a single configuration command and then start {es} to enable the | ||
{stack} security features. You can then connect a {kib} instance to your | ||
secured {es} cluster and enroll additional nodes. You'll have password | ||
protection, internode communication secured with Transport Layer Security (TLS), | ||
and encrypted connections between {es} and {kib}. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@bytebilly, I'd like to get your input here. I want to distinguish between running with security on by default versus manually configuring security, including the benefits and what's included. I think that we can merge this for now and iterate on it for Beta and GA.
…' into feature/data_stream_support_routing * wjp/feature/data_stream_support_routing: (44 commits) Revert "Adjust /_cat/templates not to request all metadata (elastic#78812)" Allow indices lookup to be built lazily (elastic#78745) [DOCS] Document default security in alpha2 (elastic#78227) Add cluster applier stats (elastic#77552) Fix failing URLDecodeProcessorTests::testProcessor test (elastic#78690) Upgrade to lucene snapshot ba75dc5e6bf (elastic#78817) Adjust /_cat/templates not to request all metadata (elastic#78812) Simplify build plugin license handling (elastic#77009) Fix SearchableSnapshotsBlobStoreCacheIntegTests.testBlobStoreCache (elastic#78616) Improve Docker image caching and testing (elastic#78552) Load knn vectors format with mmapfs (elastic#78724) Fix date math zone test to use negative minutes (elastic#78796) Changing name of shards field in node/stats api to shard_stats (elastic#78531) [DOCS] Fix system index refs in restore tutorial (elastic#78582) Add previously removed settings back for 8.0 (elastic#78784) TSDB: Fix template name in test Add a system property to forcibly format everything (elastic#78768) Revert "Adding config so that some tests will break if over-the-wire encryption fails (elastic#78409)" (elastic#78787) Must date math test failure Adding config so that some tests will break if over-the-wire encryption fails (elastic#78409) ...
Documents the following behavior for
alpha2
:Preview link: https://elasticsearch_78227.docs-preview.app.elstc.co/guide/en/elasticsearch/reference/master/configuring-stack-security.html