Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DOCS] Document default security in alpha2 #78227

Merged
merged 4 commits into from
Oct 7, 2021
Merged

[DOCS] Document default security in alpha2 #78227

merged 4 commits into from
Oct 7, 2021

Conversation

lockewritesdocs
Copy link
Contributor

@lockewritesdocs lockewritesdocs commented Sep 22, 2021
edited
Loading

Documents the following behavior for alpha2:

  • Generating security certificates
  • Starting Elasticsearch and Kibana securely
  • Enrolling additional nodes

Preview link: https://elasticsearch_78227.docs-preview.app.elstc.co/guide/en/elasticsearch/reference/master/configuring-stack-security.html

@lockewritesdocs lockewritesdocs added >docs General docs changes :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v8.0.0-alpha2 labels Sep 22, 2021
@lockewritesdocs lockewritesdocs self-assigned this Sep 22, 2021
@elasticmachine elasticmachine added Team:Docs Meta label for docs team Team:Security Meta label for security team labels Sep 22, 2021
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-docs (Team:Docs)

@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@lockewritesdocs
Copy link
Contributor Author

@albertzaharovits -- still work to do here, but I think that I've captured the majority of the flow.

@lockewritesdocs
Copy link
Contributor Author

@elasticmachine update branch

lockewritesdocs
lockewritesdocs commented Oct 6, 2021
View reviewed changes
x-pack/docs/en/security/index.asciidoc
Comment on lines +12 to +19
The first principle is to run {es} with security enabled. Configuring security
can be complicated, so we made it easy to
<<configuring-stack-security,start the {stack} with security enabled>> by
default. Run a single configuration command and then start {es} to enable the
{stack} security features. You can then connect a {kib} instance to your
secured {es} cluster and enroll additional nodes. You'll have password
protection, internode communication secured with Transport Layer Security (TLS),
and encrypted connections between {es} and {kib}.
Copy link
Contributor Author

@lockewritesdocs lockewritesdocs Oct 6, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bytebilly, I'd like to get your input here. I want to distinguish between running with security on by default versus manually configuring security, including the benefits and what's included. I think that we can merge this for now and iterate on it for Beta and GA.

@lockewritesdocs lockewritesdocs merged commit 9fb6888 into elastic:master Oct 7, 2021
@lockewritesdocs lockewritesdocs deleted the docs__alpha2-security-on branch October 7, 2021 12:44
wjp719 added a commit to wjp719/elasticsearch that referenced this pull request Oct 7, 2021
@wjp719
Merge remote-tracking branch 'wjp/feature/data_stream_support_routing…
949a412 
…' into feature/data_stream_support_routing

* wjp/feature/data_stream_support_routing: (44 commits)
  Revert "Adjust /_cat/templates not to request all metadata (elastic#78812)"
  Allow indices lookup to be built lazily (elastic#78745)
  [DOCS] Document default security in alpha2 (elastic#78227)
  Add cluster applier stats (elastic#77552)
  Fix failing URLDecodeProcessorTests::testProcessor test (elastic#78690)
  Upgrade to lucene snapshot ba75dc5e6bf (elastic#78817)
  Adjust /_cat/templates not to request all metadata (elastic#78812)
  Simplify build plugin license handling (elastic#77009)
  Fix SearchableSnapshotsBlobStoreCacheIntegTests.testBlobStoreCache (elastic#78616)
  Improve Docker image caching and testing (elastic#78552)
  Load knn vectors format with mmapfs (elastic#78724)
  Fix date math zone test to use negative minutes (elastic#78796)
  Changing name of shards field in node/stats api to shard_stats (elastic#78531)
  [DOCS] Fix system index refs in restore tutorial (elastic#78582)
  Add previously removed settings back for 8.0 (elastic#78784)
  TSDB: Fix template name in test
  Add a system property to forcibly format everything (elastic#78768)
  Revert "Adding config so that some tests will break if over-the-wire encryption fails (elastic#78409)" (elastic#78787)
  Must date math test failure
  Adding config so that some tests will break if over-the-wire encryption fails (elastic#78409)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jkakavas jkakavas jkakavas left review comments

@albertzaharovits albertzaharovits albertzaharovits approved these changes

Assignees

@lockewritesdocs lockewritesdocs

Labels
>docs General docs changes :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) Team:Docs Meta label for docs team Team:Security Meta label for security team v8.0.0-alpha2 v8.0.0-beta1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@lockewritesdocs @elasticmachine @albertzaharovits @jkakavas @jakelandis @elasticsearchmachine